Tokyo, Feb. 13 (Jiji Press)–The cyberattack against Mitsubishi Electric Corp. <6502> started in March last year, targeting a server at a foothold in China, the company has said.

The server was hacked on March 18, 2019, and infection with malware that can be controlled remotely spread, according to the major Japanese machinery maker’s in-house investigation report released on Wednesday.

Hacking then started at the company’s computers in Japan via the server in China, Mitsubishi Electric said, noting that Japanese Defense Ministry-related and other information may have leaked from the firm by the time it could completely block the hacking last July.

The company said that it was unable to track down the hacker. The cyberattack on the company came to light last month.

Among the possibly leaked information were sensitive data on equipment for the ministry, the company said, noting that they were documents including required performances compiled toward bidding for a prototype for research.

Mitsubishi Electric transformed the original paper documents provided by the ministry into electronic files and stored them in a networked computer.

The paper documents should have been kept in a room dedicated for storage, without being converted into an electronic form, the company said, admitting its inadequate data management.

The ministry is investigating the possibility of any other highly confidential defense data having leaked from the company.Mitsubishi Electric said the company has reconfirmed that sensitive information on social infrastructure, confidential information on technologies and important information stated under contracts with clients, did not leak.