Security Experts:

Connect with us

Hi, what are you looking for?



Rail Company Wabtec Says Data Stolen in Ransomware Attack

Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year.

Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year.

The US-based firm provides railway equipment, systems, and services worldwide and has offices in the Americas, Australia, and Europe. The company has roughly 27,000 employees.

In a data breach notice, Wabtec says branches in the US, Canada, UK, and Brazil were impacted by the cyberattack.

The incident was discovered on June 26, 2022, but the attackers had access to Wabtec’s network much earlier, and had deployed malware on certain systems on March 15, 2022.

“Wabtec, with the assistance of leading cybersecurity firms, assessed the scope of the incident to, among other things, determine if personal data may have been affected. Additionally, shortly after discovery of the event, Wabtec notified the Federal Bureau of Investigation,” the company says.

The attackers accessed systems containing sensitive information and, on June 26, exfiltrated some of the data, Wabtec says.

“The information was later posted to the threat actor’s leak site. On November 23, 2022, Wabtec, with the assistance of data review specialists, determined that personal information was contained within the impacted files,” Wabtec says.

Exposed information includes names, birth dates, gender, passport numbers, employee identification numbers, health service numbers, social insurance (non-US) and Social Security (US) numbers, IP addresses, medical information, photographs, financial account and payment card data, usernames and passwords, biometric information, and more.

While Wabtec did not share information on the type of cyberattack it suffered, in August 2022, the LockBit ransomware gang published data allegedly stolen from the company.

Related: New Zealand Government Hit by Ransomware Attack on IT Provider

Related: Hive Ransomware Gang Hits 1,300 Businesses, Makes $100 Million

Related: Lorenz Ransomware Gang Exploits Mitel VoIP Appliance Vulnerability in Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack