Panasonic Australia

Summary

Panasonic Australia confirmed a cyber incident in June 2024 following claims by the Akira ransomware group that they had compromised company data. Despite the ransomware group's claims, Panasonic Australia stated that no business or customer data was compromised.

Attack Vector

The Akira ransomware group listed Panasonic Australia on their dark web leak site, claiming to have breached the company's cybersecurity and stolen files containing information about projects and confidential agreements. Akira ransomware actors typically exploit Cisco vulnerabilities (CVE-2020-3259 and CVE-2023-20269) to breach organizations through VPN services without multifactor authentication, and also conduct spear phishing campaigns.

Consumer Impact

According to Panasonic Australia's investigation, no business or customer data was compromised despite Akira's claims. The company confirmed their network is secure and operations continue as normal, suggesting the breach attempt was either unsuccessful or limited in scope.

Response

Panasonic Australia took immediate action to secure their systems upon learning of the incident and initiated a thorough investigation by forensic IT specialists. The company publicly confirmed that their network is secure and operations continue normally, contradicting the ransomware group's claims of successful data exfiltration.