Hackers breached U.S. satellite tv for pc maker Maxar Area Programs and accessed private knowledge belonging to its workers, the corporate informs in a notification to impacted people.
The risk actor compromised the corporate community a couple of week earlier than the invention of the intrusion.
Instantly after discovering the unauthorized entry, the corporate took motion to forestall the hackers from reaching additional into the system.
“Our data security workforce found {that a} hacker utilizing a Hong Kong-based IP handle focused and accessed a Maxar system containing sure information with worker private knowledge,” reads the data breach notification.
“Once we found this on October 11, 2024, we took instant motion to guard additional unauthorized entry to the system. Nonetheless, in keeping with our investigation, the hacker seemingly had entry to the information on the system for about one week earlier than this motion was taken,” the corporate informs.
Maxar Area Programs is a significant participant within the American aerospace business, thought-about an skilled in constructing communicatin and Earth remark satellites.
The Colorado-based firm has constructed greater than 80 satelliets which can be at present on orbit, and its expertise has contributed to house exploration. The Maxar 1300 platform performed a key half for the success of NASA’s Psyche mission and its energy and propulsion components had been used for the Artemis Moon exploration program.
Maxar Area Programs says that the attacker seemingly has entry to a system that contained the next worker data:
- Identify
- Dwelling handle
- Social security quantity
- Enterprise contact data
- Gender
- Employment standing
- Worker quantity
- Job title
- Rent/termination and position begin dates
- Supervisor
- Division
The corporate clarified that no checking account data was uncovered within the cybersecurity incident.
Present workers impacted by the incident are provided IDShield indentity safety and credit score monitoring companies, whereas former workers have till mid-February 2025 to enroll in id theft safety companies from IDX.
Though the data breach disclosure notifies of non-public knowledge for workers being uncovered, in some instances such compromises additionally influence proprietary technical knowledge.
On a associated word, a risk actor claimed in July to have scraped the person base of GeoHIVE, a geospatial intelligence platform by Maxar Applied sciences, the father or mother firm of Maxar Area Programs.
BleepingComputer has contacted Maxar Applied sciences to ask about the potential for confidential expertise knowledge publicity and a potential hyperlink to the scraping incident, however a remark wasn’t instantly obtainable.
