US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system. The company confirmed that attackers exfiltrated files containing sensitive information.
Electronic Warfare Associates provides electronic equipment to the US government, the list of customers includes the Department of Defense (DOD), the Department of Homeland Security (DHS), and the Department of Justice (DOJ).
The company attempted to downplay the security breach, according to a notice of data incident sent to the Montana Attorney General’s office, EWA bacame aware of a recent phishing incident that had some limited impact on EWA email accounts on August 2, 2021.
The experts at the company believe that the attackers attempted wire fraud.
“Based on our investigation, we determined that a threat actor infiltrated EWA email on August 2, 2021. We
were made aware of the situation when the threat actor attempted wire fraud. We have no reason to believe
the purpose of the infiltration was to obtain personal information. Nevertheless, the threat actor’s activities did
result in the exfiltration of files with certain personal information (as described below).” reads the notice of data incident published by the company.
The investigation conducted by the company with the help of third-party forensics firm revealed that threat actors stole names, social security numbers (SSNs), and the driver’s license of the notice recipients were also stolen.
The company did not reveal if the attackers gained access to confidential technical documents as a result of the attack.
At this time Electronic Warfare Associates is not aware of misuse of the stolen information.
The company is offering to the impacted individuals free fraud detection and identity theft protection through Equifax’s Complete Premier services for two years.
“We encourage you to remain vigilant, including by reviewing your credit reports and financial account
statements closely. We also recommend that you pay close attention to any suspicious activity that could be
related to identity theft, including communications from the IRS.” concludes the notice.
This isn’t the first time that the company was the victim of a cyber attack. In January 2020, Electronic Warfare Associates (EWA) has suffered a ransomware attack, its web servers were infected with Ryuk ransomware.
(SecurityAffairs – hacking, EWA)