Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Rail Company Wabtec Says Data Stolen in Ransomware Attack

Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year.

Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year.

The US-based firm provides railway equipment, systems, and services worldwide and has offices in the Americas, Australia, and Europe. The company has roughly 27,000 employees.

In a data breach notice, Wabtec says branches in the US, Canada, UK, and Brazil were impacted by the cyberattack.

The incident was discovered on June 26, 2022, but the attackers had access to Wabtec’s network much earlier, and had deployed malware on certain systems on March 15, 2022.

“Wabtec, with the assistance of leading cybersecurity firms, assessed the scope of the incident to, among other things, determine if personal data may have been affected. Additionally, shortly after discovery of the event, Wabtec notified the Federal Bureau of Investigation,” the company says.

The attackers accessed systems containing sensitive information and, on June 26, exfiltrated some of the data, Wabtec says.

“The information was later posted to the threat actor’s leak site. On November 23, 2022, Wabtec, with the assistance of data review specialists, determined that personal information was contained within the impacted files,” Wabtec says.

Exposed information includes names, birth dates, gender, passport numbers, employee identification numbers, health service numbers, social insurance (non-US) and Social Security (US) numbers, IP addresses, medical information, photographs, financial account and payment card data, usernames and passwords, biometric information, and more.

While Wabtec did not share information on the type of cyberattack it suffered, in August 2022, the LockBit ransomware gang published data allegedly stolen from the company.

Related: New Zealand Government Hit by Ransomware Attack on IT Provider

Related: Hive Ransomware Gang Hits 1,300 Businesses, Makes $100 Million

Related: Lorenz Ransomware Gang Exploits Mitel VoIP Appliance Vulnerability in Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.