Picture: Dismas (CC BY-SA 4.0)
Navistar Worldwide Company (Navistar), a US-based maker of vehicles and navy automobiles, says that unknown attackers have stolen information from its community following a cybersecurity incident found on Could 20, 2021.
The corporate disclosed the assault in an 8-Okay report filed with the Securities and Trade Fee (SEC) on Monday.
Navistar says that its operations have not been affected regardless of the safety breach as its IT programs are absolutely operational.
The corporate additionally took a collection of measures designed to mitigate the potential impression of the Could safety breach.
“Upon studying of the cybersecurity risk, the Firm launched an investigation and undertook rapid motion in accordance with its cybersecurity response plan, together with using containment protocols to mitigate the impression of the potential risk, participating inside and third-party info expertise safety and forensics consultants to evaluate any impression on the Firm’s IT System, and using extra safety measures to assist safeguard the integrity of its IT System’s infrastructure and information contained therein,” Navistar said.
Safety breach results in information breach disclosure
Nevertheless, on the finish of final month, on Could 31, Navistar “obtained a declare that sure information had been extracted from the Firm’s IT System.”
The incident investigation remains to be ongoing, and the truck maker says that it additionally reached out to related authorities who’re conscious of the info breach.
“The measures described above are ongoing because the Firm, with the help of third-party consultants, continues to analyze and handle the scope and impression of the cybersecurity incident,” Navistar added.
Whereas there was no point out of ransomware in Navistar’s SEC submitting, there’s a excessive likelihood that that is the case since over two dozen ransomware operations are known to use a double-extortion tactic the place they steal information from victims.
The exfiltrated information is then used as leverage to pressure them to pay a ransom underneath the specter of publicly leaking the corporate’s stolen info on devoted darkish internet leak websites or via different means.
Navistar is a holding firm and a number one North American producer whose associates and subsidiaries make commercial trucks, military vehicles, school buses, and proprietary engines.
The corporate is in the process of finalizing a merger with TRATON SE, a Volkswagen AG subsidiary and one of many largest industrial car producers working the MAN and Scania truck manufacturers.
BleepingComputer has additionally contacted a Navistar spokesperson for extra info on the safety breach however has not heard again.