US Giant Maxar Space Systems Reveals July Data Breach Exposing Employee Details
Published on November 19, 2024
- Maxar Space Systems released a data breach notification announcing a July security incident exposed employee information.
- A hacker gained unauthorized access to the company’s environment by leveraging a Hong Kong-based IP address.
- Yet, Maxar only discovered the third-party access on October 11 and took measures to prevent further compromise.
Maxar Space Systems, a leading name in the American aerospace industry renowned for building communication and Earth observation satellites, has revealed a significant security breach involving employee data.
The company confirmed that the breach involved unauthorized access by a hacker leveraging a Hong Kong-based IP address. The intruder infiltrated Maxar's network approximately a week before detection, gaining access to a system containing sensitive employee data.
Upon discovery on October 11, 2024, Maxar's information security team acted promptly to curb further unauthorized access. However, the extent of the breach was alarming, with personal data such as:
- Name
- Home Address
- Social Security Number (SSN)
- Business contact information (business phone, location. business email, etc)
- Gender
- Employment Status
- Employee Number
- Job title
- Hire date, role start date, and, if applicable, termination date
- Supervisor
- Department
The notice also mentioned no financial details such as back account or date of birth were not available in the files.
Current and former employees affected by this breach are being provided identity protection services, which include monitoring for identity theft concerns, reflecting best practices in corporate responses to such incidents.
The incident follows previous claims from a threat actor in July, asserting unauthorized access to GeoHIVE, Maxar Technologies' geospatial intelligence platform. This compounding issue raises significant questions about data security measures within Maxar Technologies.
In other news, Amazon confirmed the MOVEit-related security incident exposed employee information after a hacker claimed the breach on a cybercriminal forum recently. Lenovo, HP, HSBC, McDonald's, and more are also on the leak list posted on the hacker forum.
Last month, security researchers discovered an Amazon Web Services Cloud Development Kit vulnerability that could have led to a full account takeover.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular