Sensitive information about nuclear power plants has been leaked over the internet from a virus-infected computer.
According to the Japanese press, approximately 40Mbytes' worth of confidential reports related to nuclear power plant inspections over several years was leaked from a virus-infected computer belonging to an employee of Mitsubishi Electric Plant Engineering.
The data is said to have been distributed to users of the Winny peer-to-peer file-sharing system. Winny is one of the most popular file-sharing networks in Japan, with over 250,000 users.
According to officials, the leak occurred when a 30-year-old engineer used his home PC for company business. The PC was infected with an unnamed computer virus which is said to have enabled Winny users across Japan to access the sensitive information.
The leaked data included photographs of the insides of nuclear power plants and the names and addresses of inspecting engineers.
“The fall-out from this breach acts as an unpleasant reminder that all businesses need to take computer security seriously. If you allow your employees to put sensitive company data onto their own home computers, you are running the risk that they will not be as well defended as the PCs within your organisation,” said Graham Cluley, senior technology consultant at security software company Sophos.
“Security at power plants should be at an all-time high, but it needs to extend beyond the physicality of barbed wire and high walls and encompass information security too,” he added.
Sites referred to in the leaked data include Kansai’s Mihama nuclear plant and a power station in Tsuruga, as well as pressurised water reactors in Tomari and Sendai.