The U.S. arm of Israeli defense contractor Elbit Systems said its network was hacked in early June and employees’ personal information was stolen. Elbit Systems U.S. said in a notice filed with the Maine Attorney General’s office that 369 employees were affected by the data breach, which included employee names, addresses, dates of birth, direct deposit information, ethnicity and social Security number.
In the notice, the Texas-based company shared few details other than to say that “an attempt was made to interfere with Elbit’s network operations” and that its investigation and data disaster recovery was ongoing.
Elbit Systems USA did not attribute the breach to a specific threat group or government, nor did it say why it believed it was attacked. Spokespeople for Elbit in the U.S. and Israel did not respond to requests for comment.
Parent company Elbit Systems, headquartered in Haifa, Israel, is a defense technology and electronics giant that manufactures unmanned aircraft, electronic warfare systems and other intelligence gathering, reconnaissance and surveillance systems for militaries and governments around the world.
Elbit also has a presence in the surveillance software market. In 2015, Elbit bought Nice Systems’ cyber and intelligence unit for about $160 million and spun it off into a subsidiary called Cyberbit. Two years later, researchers at internet watchdog Citizen Lab discovered that commercial spyware built by Cyberbit was used to spy on Ethiopian dissidents in the US and UK. The Internet watchdog said the spyware posed as fake browser plug-ins designed to extract private user data, including emails, passwords and screenshots, from victims’ computers.
The Ethiopian government may have ordered surveillance, Citizen Lab said.
Elbit sold its stake in Cyberbit in 2020, becoming a minority shareholder after US private equity firm Charlesbank Capital Partners invested $70 million.
Cyberbit is one of several known spyware makers based in Israel, including NSO Group, Cytrox and Candiru.
Although there was no threat this time, data leakage was possible, and data protection is required. If there is critical data in the folder, Mandiant’s predicament may be considerably worse today. As a result, data breaches harm even security vendors, much alone regular businesses and individuals. As a result, our companies and individuals must take proactive efforts to safeguard data. Data can be backed up for disaster recovery to prevent all threats. Data protection software is now widely available and simple to use. Consider the popular virtual machine backup method. Virtual machines may run many operating systems at the same time, conserving both real and virtual resources. Virtual machine backup systems such as VMware Backup, Xenserver Backup, Hyper-V Backup, and others are now commonly used.