US railroad and locomotive company Wabtec Corporation disclosed a data breach that exposed personal and sensitive information.
Wabtec is a US-based public company that produces state-of-the-art locomotives and rail systems. The company employs approximately 25,000 people and is present in 50 countries, being the world market leader in freight locomotives and a major player in the transit segment.
The company’s financial results for 2021 show revenue of $7.8 billion, reporting a staggering 20% of global freight moved by Wabtec’s 23,000 locomotives in service worldwide.
Wabtec discloses data breach
In an announcement released at the end of the year, Wabtec claims that hackers hacked into their network and installed malware on specific systems as early as March 15, 2022.
On June 26, Wabtec said it detected unusual activity on its network, leading to an investigation into the attack and whether the hackers stole any data.
The next day, media reported that sources at one of Wabtec’s factories said it was a ransomware attack affecting the railroad giant. However, the company has not officially responded to the rumors.
A few weeks later, LockBit released samples of stolen data to Wabtec and finally released all stolen data on August 20, 2022, likely after a ransom was not paid.
As Wabtec now explains, its investigation into the incident ended on November 23, 2022, when data review specialists confirmed that LockBit stole files containing sensitive personal information.
This stolen data exposed a wide variety of sensitive information, including:
- Last name and first name,
- Date of Birth,
- Non-US National Identification Number,
- Social Insurance Number or non-US tax code,
- Passport number,
- IP adress,
- Employer Identification Number (EIN),
- USCIS or alien registration number,
- NHS (National Health Service) number (UK),
- Information on the medical record / health insurance,
- Photography, gender/gender identity,
- Salary, social security number (US),
- Financial account information,
- Payment card information,
- Account username and password,
- biometric information,
- criminal conviction or offence,
- sexual orientation/life,
- Religious beliefs,
- Union membership
“For this reason, Wabtec encourages individuals to remain vigilant against incidents of identity theft and fraud by reviewing their financial account statements and credit reports for any discrepancies.”
The company began sending data breach notices to everyone affected on December 30, 2022, but the exact number of people affected by the incident was not disclosed.