Austal USA, a shipbuilding company and a contractor for the U.S. Department of Defense and the Department of Homeland Security confirmed that it suffered a cyberattack and is currently investigating the impact of the incident.
The company is based in Australia and specializes in high-performance aluminum vessels.
Its American subsidiary, Austal USA, is under contract for multiple programs that include building Independence class littoral combat ships for the U.S. Navy, which are 127-meter-long vessels at a cost of $360 million per unit.
Austal also has an active $3.3 billion contract for building 11 patrol cutters for the U.S. Coast Guard.
Earlier today, the Hunters International ransomware and data extortion group claimed to have breached Austal USA and leaked some information as proof of the intrusion.
We were able to quickly mitigate the incident resulting in no impact on operations.
Regulatory authorities, including the Federal Bureau of Investigation and Naval Criminal Investigative Service were promptly informed and remain involved in investigating the cause of the situation and the extent of information that was accessed.
No personal or classified information was accessed or taken by the threat actor.
We are working closely with the appropriate authorities and will continue to inform any stakeholders impacted by the incident as we learn new information.
Austal USA recognizes the seriousness of this event and the special responsibility we have as a DoD and DHS contractor.
Hunters International threaten to publish more data stolen from Austal's systems in the following days, including compliance documents, recruiting information, finance details, certifications, and engineering data.
Austal USA did not share if the threat actor was able to access data about engineering schematics or other proprietary U.S. Navy technology.
Hunters International emerged recently as a ransomware-as-a-service operation and is believed to be a rebrand of the Hive ransomware gang, a theory based on overlaps in the malware code.
According to the threat actor, encryption is not the end goal of their attacks, as their focus is on stealing data and using it as leverage to extort victims into paying a ransom.
At the moment, the gang's data leak site lists well over a dozen victims in different sectors and from various regions of the world.
Auto parts giant AutoZone warns of MOVEit data breach.
Yamaha Motor confirms ransomware attack on Philippines subsidiary.
Kyocera AVX says ransomware attack impacted 39,000 individuals.
TransForm says ransomware data breach affects 267,000 patients.
Seiko says ransomware attack exposed sensitive customer data.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 06 Dec 2023 17:20:21 +0000