Initial Disclosure Date: Jan 23, 2014
On January 21, Japan'sNational Agriculture and Food Research Organization (NARO) and National Institute of Agrobiological Sciences (NIAS) announced that their email account was hijacked to send a large amount of spams. Both of the organizations claimed that they had cancelled the accounts and had confirmed no leak of patent-associated or sensitive information so far.
NARO's 35-years old researcher happened to access a malicious website whose link was in an English phishing email to request him to expand his email server. He typed his work account's ID and password sometime after December 25th, 2013. On December 31, a large amount of English spams were sent out from his email account to claim that the organization was looking for project partners. The messages also included a contact email address.
NIAS found out on January 6 that one of their employee's email account had been hijacked and a lot of spams were sent from that account between January 2nd and 6th. He also received a similar phishing email and the spams were similar to NARO’s. On January 6, NIAS cancelled the email account.
Sources:
日立システムズは、システムのコンサルティングから構築、導入、運用、そして保守まで、ITライフサイクルの全領域をカバーした真のワンストップサービスを提供します。