Cybersecurity incidents continue to occur even amid the coronavirus pandemic. General Electric has revealed that it is notifying its employees of a data breach that has compromised considerable amounts of confidential information.
The report sent to the company’s employees mentioned that the incident did not affect GE’s systems, but occurred at Canon Business Process Services, a company that provides some services to GE. Canon processes all documentation regarding GE employees (current and old); mentioned that at least 200,000 records were exposed during the incident.
Among the information presented are multiple confidential details, including:
- Direct deposit forms
- Driver’s licenses
- Passports
- Birth, marriage and death certificates,
- Withholding tax forms
- Full names
- Social security numbers, among other details
The information remained exposed for almost a full month. No details have yet been revealed about the threat actor behind this incident, although cybersecurity specialists believe the company has no idea who might be responsible for this attack and its motivations.
At the request of the company, multiple hacking forums have been analyzed for some trace of the information compromised, although so far the search has been unsuccessful. However, in the notification sent to GE employees, they are mentioned to be exposed to phishing attempts, identity fraud, among other cybercrime variants. Because the incident occurred on Canon systems, GE specified in its notification that it will be the third party company responsible for providing electronic fraud protection services to those affected.
Access to this information has already been closed and no potential related incidents have been reported, although it is worth mentioning that this is a massive corporation, which could complicate things for those affected in the future.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.