Tokyo Olympics organizers’ data swept up in Fujitsu hack: report
The organizing committee of the Tokyo Olympics is the latest victim of a breach in which hackers broke into a Japanese government contractor’s data-sharing tool, according to a Japanese media report.
The breach affected some 170 people who participated in a cybersecurity drill ahead of the Olympic Games next month, Kyodo News reported. The leaked data included the names and affiliations of people from 90 organizations involved in hosting the Olympics, according to the outlet.
It’s apparently the latest Japanese organization to be swept up in an incident that began with unidentified attackers accessing data-sharing software made by technology firm Fujitsu. The breach of the tool last month has reportedly given hackers access to data at multiple Japanese government ministries. Fujitsu has suspended use of the software as it investigates the breach.
The Japanese government’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC), which hosted the cybersecurity drill, confirmed in a statement on Wednesday that the hack had exposed some participants’ data.
“We have already contacted those who have been found to have leaked personal information,” the NISC said.
The full scope of the incident was unclear Friday. The organizing committee did not immediately respond to a request for comment.
Cybersecurity measures have become a must for Olympic organizers as state-linked hackers have repeatedly shown an interest in the sporting events. Russian intelligence operatives, for instance, launched a computer virus that disrupted the opening ceremony of the 2018 games in South Korea, U.S. intelligence officials have alleged.
“High profile global sporting events such as the World Cup or Olympic Games have been and will remain very tempting targets for hackers because of the potential disruption and notoriety that can result from such attacks,” said Merritt Maxim, a vice president at research firm Forrester who has studied sports-related cyberthreats.
“This latest incident is unfortunate and a reminder that ongoing cyber vigilance is necessary” to protect large-scale sporting events, Maxim added.
In addition to threats from spies, the Cyber Threat Alliance has cautioned that ransomware criminals may see vendors involved in the Olympics as ripe for extortion.
