Elbit Systems of America, which is the US branch of an Israeli defense contractor, Elbit, has confirmed that its network was targeted by cybercriminals in early June 2022. Resultantly, the personal data of its employees was stolen.
The Texas-based firm hasn’t shared many details on the data breach, but it did reveal that the attack disrupted its ‘cyber operations.’
According to the breach notification issued by the Maine attorney general’s office, the American arm of Elbit’s network has suffered a data breach. Around 369 Elbit Systems employees got their information stolen by the attackers.
As per the company, exposed data includes employee names, dates of birth, addresses, ethnicity, direct deposit information, and Social Security Numbers. The company’s spokesperson in America and any representative from its parent organization in Israel haven’t commented on the incident yet.
Who is the Attacker?
As per Elbit Systems of America, the investigation is still going on. At the moment, it is difficult to attribute this attack to a specific hacker, cybercrime gang, or nation-state. The company is also unsure about the objective behind this attack.
- Iran-linked hackers hit Israeli, US, and EU defense tech firm
- Dark web hacker leaks sensitive Indian defense contractor data
- Meet SockDetour fileless backdoor targeting U.S. Defense contractors
- Hackers Posing as Women to Con Israeli Officials into Installing Malware
- Unknown TA2541 group attacking aviation and defense sectors since 2017
For your information, Elbit Systems is an electronics and defense tech firm. It mainly builds unmanned aerial drones, intelligence gathering, espionage, and surveillance-related systems for governments and militaries, electronic warfare systems, and similar equipment and sells it worldwide.
The company also creates surveillance software. It acquired Nice Systems’ cyber and intelligence unit in 2015 for a whopping $160 million and renamed it Cyberbit.
As noted by TechCrunch, internet watchdog Citizen Lab’s research found that Cyberbit’s commercial spyware was used for espionage activities against Ethiopian dissidents in the USA and the UK.
This spyware could steal users’ private data from the targeted device, including passwords, screenshots, and emails. However, it is also suspected that the Ethiopian government itself ordered the spying activity.