Aerospace and defense giant General Dynamics says threat actors compromised dozens of employee benefits accounts after a successful phishing campaign targeting its personnel.
The unauthorized activity was discovered on October 10, after the attackers had accessed and made changes to the employee benefits accounts through a login portal hosted by a third party.
According to the company, the attackers ran a fraudulent advertising campaign that directed General Dynamics employees to a phishing site where they were deceived into entering their usernames and passwords.
“The malicious actor was then able to access the accounts of the employees who provided this information to the false third party login site,” General Dynamics told the Maine Attorney General’s Office. A total of 37 people were affected, the company said.
The compromised employee benefits accounts allowed the attackers to access personal information such as names, dates of birth, government-issued identification numbers, Social Security numbers, bank account information, and disability status.
General Dynamics says the attackers in some cases changed bank account information in compromised accounts. The owners of these accounts were notified starting on October 10. This week, the company started mailing written notification letters to the other impacted people.
“Available evidence indicates that the instances of unauthorized access at issue were authenticated through the third party, and not directly through any GD business units. GD is not currently aware of any ongoing harm or risk to the affected employees as a result of this incident,” the company told the Maine AGO.
In the notification letter, a copy of which was submitted to the Maine AGO, General Dynamics tells the impacted individuals that the threat actors accessed their Fidelity NetBenefits accounts via the Employee Self Service portal using compromised credentials obtained through the phishing website.
The attackers started accessing the employee accounts on October 1 and General Dynamics suspended access to the service immediately after discovering the attack. The company is providing the affected individuals with two years of free credit monitoring.
“If you have not already done so, you should reset your login credential to your Fidelity account and not reuse the prior credentials there, or in any other accounts you use,” General Dynamics told the affected people.
Earlier this year, US-based financial services company Fidelity notified tens of thousands of individuals that their personal information was compromised in two data breaches. One affected 28,000 Fidelity Investments Life Insurance Company customers, while the other impacted more than 77,000 Fidelity Investments customers.
Related: American Addiction Centers Data Breach Impacts 422,000 People
Related: Organizations Warned of Rise in Okta Support Phishing Attacks
Related: Sophisticated Phishing Kit Used by Multiple Groups to Target Executives
