The cyberattack that compromised the personal data of 1.25 million people at the Japan Pension Service last year was perpetrated using a similar type of virus to ones used in breaches at three other organizations, according to investigative sources.
The Metropolitan Police Department is analyzing related communication logs in an attempt to identify the sources of virus attacks.
According to the Japan Pension Service and others in the know, one of the agency’s personal computers was infected with a virus in May 2015 when an employee opened an file attached to an email message. That in turn sent out a large number virus-containing emails to other personnel working for the nation’s public pension system.
At the Tokyo Chamber of Commerce and Industry, personal data on 12,000 people may have been stolen using an email-infected computer virus, the business lobby said in June 2015. Also during the same month, the Petroleum Association of Japan confirmed a similar break-in.
Then in July, it was revealed that the website of a labor ministry-designated public interest foundation was compromised so that visitors to the site would be infected with a virus.
In the Japan Pension Service incident, an infected PC had questionable communications with 20 servers in Japan and abroad including in the United States and Singapore.
The police found some of the data stolen from the Japan Pension Service in a server in Tokyo’s Minato Ward owned by a shipping company.