Recently, it has been discovered that a “sophisticated” group of cybercriminals, known as the Maze Ransomware, had gained unauthorised access to VT San Antonio Aerospace, Inc. – a US subsidiary of ST Engineering.
According to ST Engineering’s website, the Maze Ransomware gained access to the company’s IT network and deployed a ransomware attack last Friday (5 June).
Cyble Inc revealed that it managed to identify and verify this data leak, which involved the company’s cyber insurance documents, various contract calculations worksheets, NASA give review rules, etc.
A total of 1.5 terabytes of sensitive data was stolen by the criminal group.
ST Engineering acknowledged this news in an official statement last Friday, adding that a “rigorous review of the incident” is being conducted.
“As part of this process, we are conducting a rigorous review of the incident and our systems to ensure that the data we are entrusted with remains safe and secure. This includes deploying advanced tools to remediate the intrusion and to restore systems. We are also taking steps to further strengthen the Company’s overall cybersecurity architecture.”
On Sunday (7 June), ST Engineering updated the public on this particular incident via a press statement, confirming the threat that occurred to its US subsidiary. The Singapore-based group assured that its IT network in Singapore and its “other businesses” have not been compromised.
In the statement, it said that “immediate action” had been taken upon discovering the data breach by disconnecting certain systems from the network as well as having third-party advisors to support on the investigation.
“Upon discovering the incident, ST Engineering took immediate action, including disconnecting certain systems from the network, retaining leading third-party forensic advisors to help investigate the incident and notifying appropriate law enforcement authorities.”
Revealing that it is an ongoing investigation, ST Engineering stated that it will be taking steps to “further strengthen its overall cybersecurity infrastructure”.
The group also noted that the cybersecurity incident is not expected to have any “material impact” on its consolidated net tangible assets or consolidated earnings per share for the current financial year.