Marketo gang has announced Fujitsu on their victim list.
A group called Marketo is selling data stolen from Fujitsu on the dark web. On August 26, the criminal Marketo gang wrote on its leak site that it had 4 GB of stolen data and was selling it. They provided samples of the data and claimed they had confidential customer information, company data, budget data, reports and other company documents including information on projects.
The Japanese tech giant said the information “appears related to customers” and not their own systems.
Initially, the group’s leak site said it had 280 bids on the data. But now the leak site shows 70 bids for the data, including one bid as of Monday, August 30.
Fujitsu downplays the incident
A Fujitsu spokesperson downplayed the incident. They told ZDNet that there was no indication it related to a situation in May. That was when hackers stole data from Japanese government entities through Fujitsu’s ProjectWEB platform.
“We are aware that information has been uploaded to dark web auction site ‘Marketo’ that purports to have been obtained from our site.”
“Details of the source of this information, including whether it comes from our systems or environment, are unknown,” a Fujitsu spokesperson told ZDNet.
“Because this includes information that appears related to customers, we will refrain from commenting on the details. I assume that you may recall the last event of Project WEB on May, but there is no indication that this includes information leaked from ProjectWEB, and we believe that this matter is unrelated.”
Cybersecurity experts like Cato Networks senior director of security strategy Etay Maor questioned the number of bids on the data. They noted that the Marketo group controls the website and could easily change the number. They would do this as a way to put pressure on buyers.
The account has taunted Fujitsu in recent days, writing on Sunday, “Oh, the sweet, sweet irony. One of the largest IT services provider couldn’t find themselves an adequate protection.”
The gang has repeatedly claimed it is not a ransomware group. Instead, they call themselves an “informational marketplace.” They contacted multiple news outlets in May to tout their work.