Space technology giant Maxar Space Systems has revealed that its network was breached by an unknown third party.
Maxar Space Systems is a Colorado space technology manufacturing and engineering company, best known for its satellites. It operates one of the largest and most advanced satellite constellations, which covers 60 per cent of the earth's surface every month and collects over 3.8 million square kilometers daily.
In a notification sent to its employees, the US-based company said that the incident was discovered on October 11, but determined that the threat actors had access for an entire week prior.
“Our information security team discovered that a hacker using a Hong Kong-based IP address targeted and accessed a Maxar system containing certain files with employee personal data,” said Maxar Space Systems.
“When we discovered this on October 11, 2024, we took immediate action to prevent further unauthorized access to the system. Nevertheless, according to our investigation, the hacker likely had access to the files on the system for approximately one week before this action was taken.”
According to the release, the system the threat actors gained access to contained names, genders, home addresses, business contact information such as emails, phones and addresses, social security numbers, employment status, employee number, department, supervisor and important onboarding information such as hire dates, role start dates, and “if applicable”, dates of termination.
Maxar Space Systems specified, however, that the incident did not expose bank account data.
Currently, Cyber Daily has not observed any threat actors taking responsibility for the incident. The Hong Kong IP address may indicate a Hong Kong-based threat actor or just the use of a Hong Kong-based server.
Back in July, a threat actor claimed to have exfiltrated data from Maxar’s GeoHive crowdsourcing platform.
“Today, I bring you the user base scrape of GeoHive Maxar Technologies, a space technology company headquartered in Westminster, Colorado, United States,” said threat actor “post” on a popular hacking forum.
“Their API had a vulnerability where you could see every single user's email address, full name, IP address, phone numbers, sessionToken, etc. I exploited this vulnerability to scrape as much user info as I possibly can from their website.”
It is unclear whether or not the most recent incident and the July scrape are connected in any way.