Ford ‘actively investigating’ breach claims • The Register

Ford Motor Firm says it’s wanting into allegations of a knowledge breach after attackers claimed to have stolen an inside database containing 44,000 buyer data and dumped the data on a cyber crime souk for anybody to “take pleasure in.”

“Ford is conscious and is actively investigating the allegations that there was a breach of Ford knowledge,” spokesperson Richard Binhammer advised The Register. “Our investigation is lively and ongoing.”

The erstwhile producer of the Edsel declined to reply our questions in regards to the potential compromise.

Claims of the assault got here on Sunday from an actor who goes by the moniker EnergyWeaponUser and, based on a screenshot shared on X, claimed to have uploaded a Ford database and made it accessible for anybody on the infamous BreachForums leak web site. EnergyWeaponUser bragged about breaking into the automaker’s community this month with an help from IntelBroker – one other well-known BreachForums participant.

The duo have beforehand tried to promote Nokia source code, AMD internal communications and Cisco files on the location.

The pair seem to have determined that no person would pay for the Ford information – which allegedly contains clients’ names, bodily areas and bought merchandise – so posted it with no demand for money.

We must always observe that The Register has not verified that the stolen knowledge is legit.

Plus, the particular person or individuals who hides behind the IntelBroker moniker can also be a BreachForums web site admin. And after resurrecting the stolen-data web site, the person or group has claimed a number of high-profile intrusions and knowledge gross sales – together with Europol, the Pentagon, Korea’s Ministry Of Protection, the US Army, and US retail large Home Depot.

Maxar House Techniques’ information misplaced in transmission?

In different probably severe breach information: Maxar House Techniques reported in a Friday filing [PDF] {that a} “hacker utilizing a Hong Kong-based IP tackle” broke into considered one of its programs containing workers’ private knowledge.

The satellite tv for pc producer revealed, in a letter despatched to people whose knowledge was stolen, that it found the intrusion on October 11. Nonetheless, “the hacker possible had entry to the information on the system for about one week earlier than motion was taken,” it added.

Stolen knowledge included names, residence addresses, social safety numbers, enterprise contact information, gender, employment standing, worker quantity, rent and role-start date, termination date, supervisor and division. Monetary data and dates of start weren’t current.

The information that was stolen gives attackers lots with which to conduct a social engineering assault – so present Maxar employees might want to train warning of their private {and professional} lives.

In an emailed assertion to The Register, a Maxar spokesperson confirmed that the breach was restricted to California-based Maxar House Techniques.

That issues as a result of one other Maxar division – Maxar Intelligence – focuses on satellite tv for pc imaging and geospatial insights.

“The actors had been capable of entry some private knowledge for a gaggle of workers. There was no operational affect,” the spokesperson defined. “Maxar House Techniques is working with all impacted workers to supply entry to id theft and credit score safety providers.”

The spokesperson declined to inform us what number of workers of Maxar House Techniques had been affected: “We’re not disclosing extra particulars on the breach at the moment.” ®