A new cybersecurity incident has affected the systems of a high-profile company. General Electric (GE), a multinational enterprise with a stake in multiple sectors (from aviation to home appliance manufacturing), has revealed that the personal information of its current and former employees was compromised due to an incident impacting the IT infrastructure of one of its suppliers.
In this regard, GE issued a statement: “We understand that some personal details were compromised due to an incident related to one of our suppliers. We will take the necessary steps to address the inconveniences.”
The notification of the incident, filed with the California Attorney General’s Office, mentions that an unidentified threat actor hacked into the email account of one of Canon Business Process Services employees, who serves as a GE provider. The committed account stored multiple documents of an unspecified number of GE employees and former employees, who remained beneficiaries of a service provided by Canon.
Confidential information compromised during this incident includes details such as:
- Full names
- Phones
- Addresses
- Social Security Numbers
- Driver’s licenses
- Passports
- Birth certificates, marriage and doctors, among others
It is important to mention that, while the information presented is related to GE, the company’s computer systems were not compromised during the incident, so the recovery process corresponds to Canon. It is mentioned that the responsible firm will offer a credit monitoring and identity fraud prevention service free of charge to affected persons. This is a common measure in cases like this.
People affected by the data breach will begin to be notified over the next few days; more details about the protection services will be disclosed along with the individual notification.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.