Nov 7, 2021
74 Views
0 0

US defense contractor Electronic Warfare hit by data breach

Written by

Ukraine links members of Gamaredon hacker group to Russian FSB
Samsung Galaxy S21 hacked on second day of Pwn2Own Austin
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware
US targets DarkSide ransomware, rebrands with $10 million reward
Samsung sued for flawed Chromebook hinges cracking displays
OneDrive reaches end of support on Windows 7, 8 in January
This 3-course bundle helps you master PivotTables in Microsoft Excel
The Week in Ransomware – November 5th 2021 – Placing bounties
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
Radar system
US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system and stole files containing personal information.
The company claims the breach’s impact was limited but confirmed that the threat actor managed to exfiltrate files containing sensitive information.
As detailed in a notice to the Montana Attorney General’s office, EWA discovered that a threat actor took over one of their email accounts on August 2, 2021.
The firm noticed the infiltration when the hacker attempted wire fraud, which appears to be the primary goal of the actor.
“Based on our investigation, we determined that a threat actor infiltrated EWA email on August 2, 2021. We were made aware of the situation when the threat actor attempted wire fraud,” reads EWA’s data incident notification.
“We have no reason to believe the purpose of the infiltration was to obtain personal information. Nevertheless, the threat actor’s activities did result in the exfiltration of files with certain personal information (as described below).”
Based on the investigation that followed, it was discovered that names, social security numbers (SSNs), and the driver’s license of the notice recipients were also stolen.
As such, the wire fraud attempt may have been a distraction, which is entirely plausible for sophisticated actors who are interested in targeting highly-sensitive firms of this type.
It is unclear if the stolen information affects only the company’s employees and whether or not technical documents have also been stolen during the incident.
In response to the security lapse, the company is now offering a two-year subscription to identity theft protection services through Equifax.
Moreover, the notice urges recipients to monitor their credit reports and financial account statements closely.
EWA is a specialist in high-tech defense hardware and software solutions for communication, access control, simulation, training, management, testing, and monitoring systems (radars).
Many of these products are made for highly sensitive customers, including the U.S. Department of Defense (Army, Navy, Air Force, DARPA, OSD), the Department of Justice, and Homeland Security (DHS).
A data breach on the firm’s email systems may have also compromised military technology secrets as EWA develops and designs these products internally.
EWA also develops commercial products through subsidiary brands like Corelis (electronic testing and analysis) and Blackhawk (debugging tools).
We have reached out to EWA asking for more details about the hacking incident and the exact impact it has on them, and we will update this post if we receive a response.
Microsoft: Iran-linked hackers target US defense tech companies
UK Labour Party discloses data breach after ransomware attack
FBI: Ransomware gangs hit several tribal-owned casinos in the last year
US targets DarkSide ransomware, rebrands with $10 million reward
FBI warns of increased use of cryptocurrency ATMs, QR codes for fraud
Not a member yet? Register Now
Pwn2Own: Printer plays AC/DC, Samsung Galaxy S21 hacked twice
Mozilla Thunderbird 91.3 released to fix high impact flaws
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

Article Categories:
Cybersecurity News

Comments are closed.