No Comments

General Electric investigates cyber attack and data theft

 

General Electric (GE) is investigating an alleged breach of the company’s development environment in a cyber attack. and leaked allegedly stolen data. The investigation began after, earlier this month, a threat operator, calling himself IntelBroker, announced on a hacker forum the sale for US$500 of access to the “development and software pipelines” of the American multinational in the energy and aerospace areas. .

After being unsuccessful in selling the alleged access, the threat operator reposted the ad, now offering both network access and the allegedly stolen data. “I previously listed access to General Electric, however, no serious buyers have actually responded or followed up with me. Now I’m selling everything here separately, including access (SSH, SVN, etc.)”, posted the hacker.

The data, he said, “includes a lot of military information related to Darpa [agência responsável por projetos de pesquisa avançada na área de defesa ligada ao Departamento de Defesa dos EUA], files, SQL files, documents. etc.”.

In a statement, GE confirmed that it is aware of the hacker’s posts and said it is investigating the alleged data breach. The company said it was recently informed that one of its service providers, Canon Business Process Services, suffered a data breach incident.

GE contracts with Canon to process documents for employees, former employees and beneficiaries entitled to benefits. While it claims that personal information on its systems was not affected by the security incident, the company said Canon will offer free identity protection and credit monitoring services to affected employees.

“After learning of the issue, we quickly began working with Canon to identify affected GE employees, former employees and beneficiaries. We understand that Canon has taken steps to protect its systems and determine the nature of the issue. Canon has also hired a data security expert to conduct a forensic investigation,” the company said in the statement.

Although the breach has not been confirmed, IntelBroker is a hacker known for successful and high-profile cyberattacks in the past. In March, he breached healthcare provider DC Health Link and claimed to have sold a stolen database containing the personal information of thousands of people.

 


See the original post at: CisoAdvisor

You might also like

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.