US manufacturing giant Parker discloses data breach after a ransomware attack

Parker-Hannifin Corporation, one of the world’s largest manufacturers of advanced motion and control technologies, has announced a data breach that has exposed employees’ personally identifiable information (PII).

The Ohio-based company that designs and manufactures aerospace components for Airbus, Boeing, Sikorsky, Rolls-Royce, Lockheed Martin, and the Commercial Aircraft Corporation of China confirmed that a third party gained unauthorized access to Parker’s computer systems between March 11 and March 14, 2022.

Parker’s IT team activated its incident response protocols immediately after learning about the data breach, including shutting down certain systems. The company hired a forensic investigation firm and other third-party cyber security and incident response experts to conduct an investigation.

After discovering that threat actors had exfiltrated specific files from the firm’s computers, Parker notified law enforcement authorities of the data breach right away. After reviewing the stolen files, Parker discovered stolen data related to current and former employees enrolled in Parker’s Group Health Plans and their dependents.

The compromised data includes full name, Social Security Number (SSN), date of birth, home address, driver’s license number, passport number, financial account information (bank account and routing numbers), online account username and password, health insurance plan member ID number and health insurance dates of coverage. The exposed information also includes dates of service, health provider info, claims data, and clinical treatment details for a small subset of employees.

Although Parker-Hannifin did not say who attacked them in April, the Conti ransomware group claimed responsibility on April 1, 2022, when it published 3% of the data they allegedly stole. On April 20, the entire 419GB dataset was published, indicating that ransom negotiations had either failed or never occurred.

On May 12, 2022, Parker began mailing letters to people whose information may have been involved in the incident. Parker has arranged for all those notified to receive a complimentary two-year membership in Experian’s® IdentityWorksSM.