Wabtec Corporation disclosed a data breach that occurred in June, in which customer’s personal and sensitive information were leaked.
Wabtec Corporation disclosed a data breach that occurred in June, in which customer’s personal and sensitive information were leaked.
U.S. rail and locomotives company Wabtec says that on March 15, 2022, hackers breached their network and installed malware on specific systems.
On June 26, Wabtec detected unusual activity on their network leading to an investigation of the attack and whether the hackers had stolen data.
This stolen data exposed a wide variety of sensitive information, including:
- Full Name,
- Date of Birth,
- Non-US National ID Number,
- Non-US Social Insurance Number or Fiscal Code,
- Passport Number,
- I.P. Address,
- Photograph, Gender/Gender Identity,
- Employer Identification Number (EIN),
- USCIS or Alien Registration Number,
- NHS (National Health Service) Number (U.K.),
- Medical Record/Health Insurance Information,
- Salary, Social Security Number (U.S.),
- Financial Account Information,
- Sexual Orientation/Life,
- Payment Card Information,
- Account Username and Password,
- Biometric Information,
- Race/Ethnicity,
- Criminal Conviction or Offense,
- Religious Beliefs,
- Union Affiliation
Even though the company did not officially respond, news outlets reported that a ransomware attack impacted the rail giant.
LockBit published samples of stolen data on August 20, 2022, presumably after a ransom was not paid.
On December 30, Wabtec began notifying affected individuals but did not close how many were affected.
The company took additional steps to strengthen the security of its systems and operations by implementing more procedural safeguards.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?