Reportedly, the Cl0p ransomware gang leaked the data after the company refused to pay the ransom.
The Canada-based business and commercial aircraft manufacturer Bombardier has confirmed that it has become a victim of the devastating Accellion FTA cyberattack after its data appeared on a Dark Web website operated by the Cl0p ransomware gang.
However, the company claims that it was a limited breach where an unauthorized party extracted data after exploiting a third-party FTA vulnerability to gain access.
The company said its Accellion instance was operating through purpose-built servers isolated from its main network.
“The ongoing investigation indicates that the unauthorized access was limited solely to data stored on the specific servers. Manufacturing and customer support operations have not been impacted or interrupted,” Bombardier’s official statement read.
Accellion’s press release revealed that around 300 of its customers ran the FTA servers, out of which 100 were attacked and 25 suffered data theft. The attackers then started an extortion campaign asking the impacted organizations for ransom payments and threatened to leak the stolen data. That’s exactly what has happened with Bombardier.
Confidential Data Compromised
According to Bombardier, forensic analysis indicates that personal and confidential data relating to “employees, customers, and suppliers” was compromised.
Furthermore, around 130 employees in Costa Rica were affected. It also confirmed that the target wasn’t the specific target because it impacted multiple organizations that used the application.
“Bombardier has been proactively contacting customers and other external stakeholders whose data was potentially compromised.”
“Bombardier will continue to assess the situation and stay in close contact with its clients, suppliers, and employees, as well as other stakeholders,” the company stated.
Hackers Leaked Military Spy Plane Data on Dark Web
According to the reports, the attackers have leaked details of a military spy plane manufactured by Bombardier. It is believed that hackers leaked the company’s data on the Dark Web after Bombardier refused to pay the ransom.
The leak is posted on CL0P^_- LEAKS and shows the specs and mechanics for the “GlobalEye airborne early warning and control platform,” developed by a Swedish defense firm Saab.