Dassault Falcon Jet Disclosed Data Breach – Ransomware Attack Suspected

Page, AZ, USA - September 28, 2019: A Dassault Falcon 900 EX sitting on the ramp in Page, AZ with the morning sun popping up behind the tail.

Another sensitive corporation has suffered a cyberattack that it disclosed recently. This time, the victim is the Dassault Falcon Jet Corps that had earlier disclosed a data breach. But now, it seems that Dassault has fallen prey to a ransomware attack.

Dassault Falcon Jet Security Breach

Reportedly, the aerospace firm Dassault Falcon Jet has disclosed a data breach lately. Dassault Falcon Jet is a subsidiary of the French company Dassault Aviation known for the development of military and business jets.

The news surfaced online after the firm disclosed the security breach via a notice. As revealed, the firm noticed a data security incident on December 6, 2020, that affected some of its systems.

Further investigations revealed that the affected systems included information about the present and former employees of the firm. The breached data potentially includes the following, as stated in the notice.

For current and former employees, the information involved included the name, personal and company email address, personal mailing address, employee ID number, driver’s license number, passport information, financial account number, Social Security number, date of birth, work location, compensation and benefit enrollment information, and date of employment.

Besides, the breached data also included information about the employees’ spouses and dependents.

Following the incident, the firm involved law enforcement and cybersecurity experts to investigate the matter.

Whereas, they also announced to keep their impacted systems offline until they could ensure a safe recovery.

Ragnar Locker Ransomware Suspected

Although, Dassault didn’t precisely state the reason behind the data breach. Nonetheless, French media reported that the company fell prey to the Ragnar Locker ransomware gang.

As they elaborated, the attackers remained hidden on the company’s network for more than six months. They exploited Shitrix vulnerability (CVE-2019-19781) in a vulnerable system in March, to gain persistence on the network.

They then started encrypting the data on December 7, 2020, not missing to steal it before encryption.

Lately, given that the attackers couldn’t communicate with Dassault officials, they have started leaking the stolen data on the dark web, hence, proving their responsibility for the attack.

For now, it remains unclear how much ransom the attackers demanded from Dassault. Nonetheless, they are known for making huge demands, as evident from their recent attacks on Capcom and Campari.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients