On March 16, 2023, Hitachi Energy confirmed that it had suffered a data breach. The breach was caused by an attack on Fortra GoAnywhere MFT, a third-party software provider that Hitachi Energy uses for managed file transfer. The attack was carried out by the Clop ransomware gang, who are known for using zero-day vulnerabilities to gain access to their victims' systems.
The breach may have exposed the personal information of some Hitachi Energy employees, including their names, addresses, email addresses, and social security numbers. Hitachi Energy has said that it is not aware of any customer data being compromised, but it is still investigating the full extent of the breach.
The company has taken steps to mitigate the damage caused by the breach, including disconnecting the affected system and notifying affected employees. Hitachi Energy has also offered to provide free credit monitoring and identity theft protection to affected employees.
What was stolen?
The exact data that was stolen in the Hitachi Energy data breach is still being investigated. However, it is believed that the hackers may have accessed the following information:
Names
Addresses
Email addresses
Social security numbers
Phone numbers
Date of births
Employment information
Bank account information
Medical information
What was the impact?
The impact of the Hitachi Energy data breach is still being assessed. However, it is possible that the hackers could use the stolen information to commit identity theft or other crimes. For example, they could use the stolen social security numbers to open new accounts in the victims' names or to file fraudulent tax returns.
The breach could also have a reputational impact on Hitachi Energy. Customers may be concerned about the security of their data and may choose to do business with other companies.
What can you do?
If you are an employee of Hitachi Energy, you should take the following steps to protect yourself:
Check your credit report: You can get a free copy of your credit report from each of the three major credit bureaus once per year. This will allow you to look for any unauthorized activity, such as new accounts being opened in your name.
Place a fraud alert on your credit report: A fraud alert will put a note on your credit report that tells creditors to take extra steps to verify your identity before opening a new account in your name.
Consider freezing your credit report: A credit freeze will prevent creditors from accessing your credit report without your permission. This will make it more difficult for someone to open a new account in your name.
Monitor your accounts: Be sure to monitor your accounts for any unauthorized activity. If you see anything suspicious, contact your bank or credit card company immediately.
Hitachi Energy is offering free credit monitoring and identity theft protection to affected employees. You can sign up for this service by visiting the Hitachi Energy website.
How can you protect yourself from data breaches?
In addition to taking the steps above, there are a number of things you can do to protect yourself from data breaches. These include:
Use strong passwords: Your passwords should be at least 12 characters long and include a mix of upper and lowercase letters, numbers, and symbols.
Change your passwords regularly: You should change your passwords every 3-6 months.
Be careful about what information you share online: Don't share your social security number, date of birth, or other sensitive information online unless it is absolutely necessary.
Be aware of phishing scams: Phishing scams are emails or text messages that appear to be from a legitimate source, such as your bank or credit card company. These emails or text messages will often ask you to provide personal information, such as your password or credit card number. Do not click on links or open attachments in these emails or text messages.
Use a security solution: A security solution, such as a firewall or antivirus software, can help protect your computer from malware and other threats.
