Following our announcements dated March 18, 2025, and April 11, MinebeaMitsumi Inc. has completed its internal investigation into the unauthorized external access of its network, with the cooperation of security experts and related organizations. We would like to report the finalized assessment of the impact and the measures implemented to prevent recurrence as outlined below.

1. Impact

As a result of this investigation, information detailed below may have been exposed to external parties. At present, no unauthorized leakage of information has been established beyond the items reported in our second notice. Affected individuals have been provided with appropriate individual explanations.

a) Personal Information

Personal information related to certain MinebeaMitsumi customers and business partners

• Details: Data including name, address, company name, job title, telephone number, and email address.
• No. of records: Approximately 3,800

Personal information related to certain current and former shareholders of MinebeaMitsumi

• Details: Data including name, address, and number of shares held.
• No. of records: Approximately 30,000 (before de-duplication: approx. 124,000)

Personal information of certain employees of MinebeaMitsumi group

• Details: Data including name, address, telephone number, and email address.
• No. of records: Approximately 4,800

b) Non-personal information, primarily that of corporate customers and business partners

Direct explanations have been provided by our sales department staff to clients and business partners whose information may have been compromised.
All network security inspections are now complete, and all systems are operating securely and without any issues. Consequently, our network is functioning smoothly and safely. Furthermore, the investigation confirmed no impact on business operations or evidence of secondary damage, such as the unauthorized use of information, resulting from this incident.

2. Cause of the Incident

The incident was caused by unauthorized access by a malicious third party to our network equipment, leading to the compromise of an administrator account and subsequent unauthorized internal intrusion.

3. Preventive Measures to Avoid Recurrence

Following a thorough review of all details of the unauthorized access and its contributory factors, the following measures have been implemented on all affected devices with the aim of preventing a recurrence:

• External intrusion routes have been blocked to prevent recurrence, and multi-factor authentication measures have been strengthened.
• Communication restrictions at internet connection boundaries have been reinforced to prevent data leakage.
• Accounts suspected of having been used by the attacker have been deactivated.
• All passwords for administrator and user login accounts have been changed.

In addition, a full scan of all devices unaffected by the unauthorized access was performed using updated security software.
Going forward, the following additional preventive measures are planned for implementation:

• The vulnerability management framework for all network-connected devices will be reviewed, and inter-site communication restrictions will be enhanced.
• The server recovery framework will be revised, and the management of administrator privileges will be strengthened.
• The operation of the 24/7 Global Security Operations Center will be enhanced to monitor and block suspicious internal and external communications, thereby improving response capabilities.
• Emergency response and recovery scenarios for security incidents will be developed, and regular drills will be conducted.

4. Contact Information

For any inquiries regarding this matter, please contact the following department:

Corporate Communications and Investor Relations Office
Phone: +81-(0)3-6758-6703 Fax: +81-(0)3-6758-6718
E-mail: koffice@minebeamitsumi.com

Back to 2025 Information List

It ends about main text.