Elbit Systems of America, a subsidiary of Israel's Elbit Systems, has confirmed a data breach, just months after a ransomware group claimed to have compromised the company's systems.
The Fort Worth, Texas-based company stated in a notification to the Maine Attorney General's office that the breach occurred on June 8 and was discovered the same day. According to the report, only 369 individuals are impacted.
Elbit discovered the breach after observing unusual activity on its network, according to a notification sent to impacted customers by a law firm on its behalf. The network was immediately shut down, and security measures were implemented.
According to an investigation aided by a cybersecurity firm, the attacker may have obtained information belonging to specific employees, such as name, address, social security number, date of birth, direct deposit information, and ethnicity. Individuals affected were notified in July and offered a year of free identity protection and credit monitoring services, according to the company.
Elbit Systems of America provides solutions in the areas of defence, commercial aviation, homeland security, medical instrumentation, law enforcement, and sustainment and support.
In late June, the Black Basta ransomware group announced that it had hacked Elbit Systems of America. According to the group's Tor-based leak website, all of the files stolen from Elbit have been made public, indicating that the defence company has declined to pay the hackers' ransom.
At the time of writing, the Black Basta website was extremely slow and only displayed a few documents reportedly stolen from the defence contractor, including a payroll report, an audit report, a confidentiality agreement, and a non-disclosure agreement. Elbit has been contacted for more information about the incident by SecurityWeek.
The Black Basta ransomware operation first surfaced in April, and cybersecurity experts have discovered links to the notorious Conti group. In order to increase its chances of getting paid, the operation employs a double extortion strategy that involves encrypting files and stealing valuable data from compromised systems. The group has grown into a major threat, with approximately 100 victims listed on the Black Basta leak website.
Elbit Systems of America has previously been targeted by hackers. In 2018, the company admitted to being targeted after a hacker allegedly stole account information from its systems. However, it did not confirm an actual breach or data theft at the time.
