FRONTEO Experiences Ransomware Attack

Word is getting out that FRONTEO experienced a ransomware attack on May 11th which has crippled its US operations. Here’s what I have found out so far.

Via this Tweet which reported the cyberattack this past Monday, I found a link to a News page on the FRONTEO site titled “Unauthorized access to our US subsidiary” from the same day, addressed by Masahiro Morimoto, President and CEO, which said one simple line (it should be noted that FRONTEO is a Japanese company, so I assume this was a statement that originated in Japanese):

“We are pleased to inform you that on May 2022, 11 (US time), we confirmed that FRONTEO USA, Inc., our US subsidiary, had unauthorized access.”

That page also contains a link to a PDF letter, written in Japanese. I don’t read or speak Japanese, but I ran the Japanese content through Google translate and got this:

“On May 11, 2022 (US time), our US subsidiary FRONTEO USA, Inc. (hereinafter, FRONTEO) In USA), the data on the data center of FRONTEO USA is seen as ransomware. I confirmed that there was a set.

Currently, we are conducting a detailed investigation by our security-related departments and external specialized research organizations. vinegar. Blocking FRONTEO USA’s network to prevent the spread of damage, causing unauthorized access, customers. We are proceeding with the investigation on the impact on the project data and the restoration work in parallel, but when the investigation is completed, it is expected that it will take some time for business to be restored at FRONTEO USA.

We are deeply concerned that we have caused inconvenience and concern to our customers and other related parties. We apologize for the inconvenience.

The impact of this matter on our business performance is under scrutiny. Matters to be disclosed while proceeding with the investigation. If it does occur, we will promptly disclose it.

that’s all”

FRONTEO’s USA page appears normal, but I have heard from someone with reported knowledge of the situation that the ransomware group (unknown by my contact) has reportedly demanded 15 million in Bitcoin to not publish the data online, and that FRONTEO’s servers and Relativity instance are down. I should note that this information (to my knowledge) has not been publicly confirmed by FRONTEO at this time.

I’m sure we will hear more soon about the ransomware attack, and I will follow up with more information as I find it out. This isn’t the first eDiscovery company to be hit with ransomware and it certainly won’t be the last. Be careful out there!

So, what do you think?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.


Leave a Reply