Elbit Systems of America Alerts Employees of Ransomware Attack
Table of Contents
- By Steven
- Published: Sep 29, 2022
- Last Updated: Sep 30, 2022
Elbit Systems Ltd. is an international electronic defense company based out of Israel. The American branch, Elbit Systems of America, recently announced that it had been breached. No customer information was stolen or accessed during the attack, and only a few hundred employee accounts were compromised. It may appear to be a contradiction of words, but just 300 employees out of 17,000 is a mercy for the company.
How Did the Attack Occur?
The breach was the result of a ransomware attack. The Black Basta Ransomware group has claimed responsibility for the attack, adding the company name and information to their leak site. Black Basta uses their own type of hacking, and similar to many other ransomware groups, they use a double-extortion attack method. They encrypt the files, contact the victim, and state their "fee." They threaten the victims; they'll publish all the client or employee data on their website and blog if the company won't pay the ransom within the allotted time or if they attempt to contact law enforcement.
What Information Was Viewed or Stolen?
The personal information of 369 employees was accessed during the breach. This includes the full names, social security numbers, addresses, ethnicities, and birthdays of the affected employees. "Out of an abundance of caution," Elbit Systems has warned all of their employees, not just the affected staff members.
How Did Elbit Admit to the Breach?
Elbit Systems of America notified employees of the breach on September 14th, 2022. The notification is available as a downloadable pdf on the Maine attorney general’s website. It explains the hack, the effects, and the steps that Elbit is taking to keep employees safe in the future. Elbit offered twelve months of “IDX, single bureau credit monitoring, CyberScan dark web monitoring, fully managed identity recovery services, and $1 million in identity theft insurance coverage” to anyone affected by the breach.
What Will Become of the Stolen Information?
All information about Black Basta suggests they will hold the information for ransom. They most likely will or already have blackmailed Elbit, exchanging money for the supposed deletion of the data. If the ransom isn't met, Black Basta will post the personal information on their TOR site. They hacked the American Dental Association in April 2022, publishing the ADA servers' data only 96 hours later. People are speculating whether or not Black Basta has something to do with Qakbot or Conti due to their similarities in style and method.
What Should Affected Parties Do in the Aftermath of the Breach?
Affected individuals should invest in identity theft software like the one offered by Elbit Systems. Anyone who may have been affected or harmed by the breach should watch their backs online. Professionals suggest you keep an eye on your credit scores and reports, plus use software that will alert you if you have any infected files or if your personal information appears online. You shouldn't need to worry about your safety online; taking these steps should help you rest easier.
