Home > Security > Security News

Phishing Attack Targets Defense Giant ‘General Dynamics’, Employees Data Breached

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity & Streaming Writer
A hacker trying to do phishing attack

General Dynamics, a leading aerospace and defense contractor, has reported a successful phishing attack targeting its employees. The breach resulted in the compromise of dozens of employee benefits accounts, exposing sensitive personal and financial information.  

The compromised accounts allowed attackers to access a wide range of personal information, including names, dates of birth, government-issued identification numbers, Social Security numbers, bank account details, and disability status. 

For some victims, bank account information was altered within the compromised benefits accounts.  

The unauthorized activity was first identified on October 10, when the company detected unauthorized changes to employee benefits accounts accessible via a third-party login portal. Unauthorized access was first recorded on October 1. 

Threat actors executed the attack by deceiving employees into providing their login credentials on a phishing website designed to mimic legitimate access points.  

The attackers reportedly launched a fraudulent advertising campaign to lure General Dynamics employees to the phishing website. By imitating the Employee Self Service portal, the threat actors successfully harvested login credentials, which they then used to access the victims' Fidelity NetBenefits accounts. 

The malicious actor was then able to access the accounts of the employees who provided this information to the false third-party login site,” the company explained in a statement to the Maine Attorney General’s Office. General Dynamics confirmed that 37 employees were affected by the breach.  

General Dynamics stated that the attack exploited third-party authentication rather than compromising its internal business units. 

General Dynamics immediately suspended access to the affected Employee Self Service portal. Notification letters to impacted individuals began that same day, with additional notifications mailed this week.  

To mitigate the fallout, the company offers the affected individuals two years of complimentary credit monitoring. Impacted employees were also advised to reset their Fidelity account credentials and ensure those credentials are not reused across other platforms or services.  

In its communication with affected parties, General Dynamics reiterated the importance of securing Fidelity accounts and discontinuing the use of previously compromised credentials. The company emphasized that it is unaware of the ill use of exposed data.

Aerospace sectors worldwide were also targeted by Lazarus Group recently, as the threat actor deployed backdoors that target professionals.


Add a Comment
Related
Japan Airlines
Japan Airlines Suffers Disruptions in Domestic and International Flights, Possibly Due to Data Breach
Ransomware Attack Affects 5.6 Million Patients of Healthcare Giant Ascension
GPS Tracker Company ‘Hapn’ Exposes Thousands of Customers' Identities Due to Website Flaw
Meta Fined
Facebook's Parent Company Faces Record Fines in EU Over Massive 2018 Data Breach
Byte Federal Data Breach Exposes Images of 58K Bitcoin ATM Users and Transaction Activity
Rhode Island Ransomware Attack
Rhode Island Hit by Ransomware Attack Impacting Deloitte via RIBridges
Most Popular
The Killer (Peacock); The Fall Guy (Universal Pictures); The Bikeriders (Focus Features); The Instigators (Apple TV+)
2024 Movie Release Dates: Calendar for Theatrical and Streaming Dates
Grown-ish (Disney+); Pachinko (Apple TV+), Emily in Paris (Netflix);A Good Girl's Guide to Murder (Netflix). Batman: Caped Crusader (Prime Video); Are You Sure?! (Disney+)
2024 TV Premiere Dates: New & Returning TV Series Calendar
The Batman
Why is The Batman Sequel Delayed?
Ransomware Actor
Cl0p Ransomware Intends to Reveal Over 60 Victims of Cleo Cyberattack
Squid Game
What we know About Squid Game Season 3
D-Link Routers Flaw Exploited by FICORA and CAPSAICIN Botnets for Full Remote Control
2024 Movie Release Dates: Calendar for Theatrical and Streaming Dates
2024 TV Premiere Dates: New & Returning TV Series Calendar
Why is The Batman Sequel Delayed?
Cl0p Ransomware Intends to Reveal Over 60 Victims of Cleo Cyberattack
What we know About Squid Game Season 3
D-Link Routers Flaw Exploited by FICORA and CAPSAICIN Botnets for Full Remote Control

Most Popular
The Killer (Peacock); The Fall Guy (Universal Pictures); The Bikeriders (Focus Features); The Instigators (Apple TV+)
2024 Movie Release Dates: Calendar for Theatrical and Streaming Dates
Grown-ish (Disney+); Pachinko (Apple TV+), Emily in Paris (Netflix);A Good Girl's Guide to Murder (Netflix). Batman: Caped Crusader (Prime Video); Are You Sure?! (Disney+)
2024 TV Premiere Dates: New & Returning TV Series Calendar
The Batman
Why is The Batman Sequel Delayed?
Ransomware Actor
Cl0p Ransomware Intends to Reveal Over 60 Victims of Cleo Cyberattack
Squid Game
What we know About Squid Game Season 3
D-Link Routers Flaw Exploited by FICORA and CAPSAICIN Botnets for Full Remote Control
2024 Movie Release Dates: Calendar for Theatrical and Streaming Dates
2024 TV Premiere Dates: New & Returning TV Series Calendar
Why is The Batman Sequel Delayed?
Cl0p Ransomware Intends to Reveal Over 60 Victims of Cleo Cyberattack
What we know About Squid Game Season 3
D-Link Routers Flaw Exploited by FICORA and CAPSAICIN Botnets for Full Remote Control

© 2024 TechNadu, a part of Leaprove Media LLP. All Rights Reserved.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: