Ransomware attack on Extant Aerospace exposed sensitive personal data

U.S. defence-linked aerospace contractor Extant Aerospace said a data security incident it suffered in August last year compromised the sensitive personal information of more than 3,000 individuals.

 

Based in Melbourne, Extant Aerospace provides sustainment, manufacturing, and repair services for aerospace and defense electronics, supplying complex electronic assemblies to U.S. Department of Defense agencies.

 

In a data security incident notice filed with the Office of the Maine Attorney General, Extant Aerospace said that on August 23, it detected a ransomware attack affecting portions of its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the scope of the incident.

 

It also took steps to secure the affected systems and notified relevant law enforcement authorities about the same.

 

“Following its investigation, Extant determined that an unauthorised actor accessed certain Extant systems and may have acquired personal information of some current and former employees and other individuals,” reads the notice.

 

The compromised data included names, addresses, dates of birth and Social Security Numbers. The filing with the Maine state regulator’s office also states that Extant Aerospace have identified at least 3,012 individuals who were affected by the incident.

 

The defence contractor has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

 

It has also offered two years of complimentary identity protection and credit monitoring services through Epiq to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Extant Aerospace. The company also did not share details on who was behind the attack, how much data was compromised, or whether it had received a ransom demand.