May 16, 2024
TMT Machinery Inc.,

Regarding the unauthorized access incident that occurred on March 18, 2024, we have previously informed you through the first report dated March 26 and the second report dated April 9. We would like to provide you with updates on the progress of recovery and investigation, as well as newly discovered information. We deeply apologize for any inconvenience and concern caused to our customers and stakeholders.

1.Overview
On March 18, 2024, our company experienced a ransomware attack from an external third party, resulting in the encryption of data, including personal information, on our business systems. While there is a possibility that some data containing personal information was stolen, subsequent investigations have not confirmed any secondary damages associated with this. Additionally, we have confirmed that certain captured images of data believed to be taken from our company have been posted on the dark web; however, these do not contain personal information. The publication of data other than these captured images has not occurred, and it is also confirmed that downloading is not possible from this dark web. We have received messages from the third party demanding ransom payment, but we have not complied with these demands.

2.Status
Upon detecting the unauthorized access, we collaborated with a vendor responsible for system maintenance to initiate recovery and investigation efforts. We also reported and consulted with the Osaka Prefectural Police and the Personal Information Protection Commission. Subsequently, we engaged a specialized analysis firm to conduct thorough investigations, and under the guidance of legal advisors specializing in information security, we have been progressing with recovery and investigation efforts. Based on the findings from the analysis firm and our internal investigations, we have formulated measures to prevent recurrence.

3.Investigation Results
(1)Cause
It is believed that the third party gained access to our network and executed ransomware, which encrypts systems and data, rendering them unusable. However, the specific entry point has not been identified even through forensic investigations.

(2)Personal Information Potentially Subject to Leakage
Personal information that may have been subject to leakage includes the following. We are contacting affected customers individually wherever possible:

• Information regarding customers and business partners (contact names, phone numbers, email addresses, company names, department names, etc.)
• Information regarding employees, dispatched workers, retirees, and job applicants (names, dates of birth, addresses, phone numbers, email addresses, educational background, employment history, etc.)

For any inquiries regarding this matter, please contact us at the following address.

4.Outlook and Measures for Prevention of Recurrence
Currently, we are working with the vendor responsible for system maintenance to rebuild our business systems. Full recovery of the business systems is expected to take time, and in the meantime, we are taking manual measures based on available information to minimize the impact on our operations. We will provide individual explanations in advance to business partners who may be affected by delays in delivery schedules, etc.
In the recovery process, we are replacing all PCs, establishing a new network, and implementing new virus protection measures to ensure sufficient security. Furthermore, we will strive to enhance security standards throughout the company by providing education and training to employees and improve internal audits.

5.Contact Information
For inquiries regarding this matter, please contact your sales representative or use the following contact information:

We once again deeply apologize for any inconvenience and concern caused to our customers and stakeholders.




Regarding the Incident of Unauthorized Access to Our Company’s System (Report-1)

Regarding the Incident of Unauthorized Access to Our Company’s System (Report-2)