Phishing Attack Triggers Electronic Warfare Associates Data Breach

The US government defense contractor and a technology firm Electronic Warfare Associates (EWA), has recently disclosed a data breach. As revealed, the incident happened following a phishing attack.

Electronic Warfare Associates Data Breach

Electronic Warfare Associates (EWA) has recently disclosed a data breach with a limited impact on EWA email accounts. According to the breach notification, the firm suffered an email phishing attack that resulted in the data breach.

Based on our investigation, we determined that a threat actor infiltrated EWA email on August 2, 2021.

The firm detected the incident after observing a wire fraud attempt. Hence, they initially didn’t suspect a data breach. However, it turned out otherwise.

We have no reason to believe the purpose of the infiltration was to obtain personal information. Nevertheless, the threat actor’s activities did result in the exfiltration of files with certain personal information.

Regarding the information exposed during the incident, EWA mentions Social Security numbers and drivers’ license numbers to be included.

Following the incident, the firm quickly started with the investigations about the wire fraud and the subsequent data exposure. EWA took help from third-party forensics in this regard, although they do not suspect any misuse of data.

Nonetheless, they have still offered complimentary 2-year identity theft protection and fraud detection services via Equifax.

The firm has also elaborated on various preventive measures that customers can take to avoid and detect fraud. These include vigilant monitoring of financial statements and credit reports and promptly reporting any suspected identity theft to the IRS.

Electronic Warfare Associates (EWA) is a dedicated technology firm providing cybersecurity, defense, and electronic warfare services and products. The firm is also a key US defense contractor – something highlighting the firm’s reputation and the sensitivity of the data that EWA potentially deals with.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil