According to Japanese business news outlet Nikkei, virtual private network (VPN) data from 38 Japanese firms was among over 900 worldwide companies that have been compromised since moving to work from home.
Citing Japan's National Center of Incident Readiness and Strategy for Cybersecurity, Nikkei reported that companies such as Hitachi Chemicals, Sumitomo Forestry and Confederation of Japan Automobile Workers' Unions have been targeted by "Russian-language hackers" who proceeded to trade their data over the dark web.
Access to VPN login and passwords as well as other personal employee data allows hackers privileged acces to these companies and their clients upload viruses and carry out other illicit activity, Nikkei reported.
The Japan-based companies in question have used VPN service from the US-based firm Pulse Secure, which warned of a vulnerability in its software.
Many companies were lax about setting up extra layers of security when employing ready-made connections for remote work, the outlet reported, citing cybersecurity experts.
No details as to the origin or backing of the hackers was given, other than the fact that they were Russian language users.