Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has been infiltrated for months.
A possible security compromise involving personal information related to email interactions was discovered by NISC.
Threat actors most likely gained access to one of the agency members' email accounts.
International and local corporate and governmental partners received emails from NISC alerting them to the potential for data compromise.
Source: https://securityaffairs.com/150041/intelligence/japan-nisc-infiltrated.html
TPRM report: https://scoringcyber.rankiteo.com/company/nisc
"id": "nis25011923",
"linkid": "nisc",
"type": "Breach",
"date": "08/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Cybersecurity',
'location': 'Japan',
'name': 'National Center of Incident Readiness and '
'Strategy for Cybersecurity (NISC)',
'type': 'Government Agency'}],
'attack_vector': 'Email Compromise',
'data_breach': {'type_of_data_compromised': 'Personal Information'},
'description': 'A possible security compromise involving personal information '
'related to email interactions was discovered by NISC. Threat '
'actors most likely gained access to one of the agency '
"members' email accounts. International and local corporate "
'and governmental partners received emails from NISC alerting '
'them to the potential for data compromise.',
'impact': {'data_compromised': 'Personal Information',
'systems_affected': ['Email Accounts']},
'initial_access_broker': {'entry_point': 'Email Account'},
'response': {'communication_strategy': 'Emails sent to international and '
'local corporate and governmental '
'partners'},
'title': 'Infiltration of Japan’s National Center of Incident Readiness and '
'Strategy for Cybersecurity (NISC)',
'type': 'Data Breach'}