Conti Ransomware Gang Strikes Major Component Supplier For Boeing And Lockheed Martin

conti ransomware group strikes supplier boeing lockheed martin news
The beginning of the year saw a flurry of stories about security breaches as the cybercriminal gang known as LAPSUS$ stole data from an alarming number of big name companies in a short period of time. However, while LAPSUS$ is no longer in operation, after the London police arrested all seven members of the group, other cybercriminal groups are still afoot and out to steal data.

One of these groups is the Russian-based Conti ransomware group. When Russia’s war on Ukraine broke out in February, the Conti ransomware gang announced that it fully supported the Russian government and would carry out counterattacks against anyone who organized cyberattacks or other offensive measures against Russia. The group specifically called out “Western warmongers” and “American cyber aggression.”

Earlier this month, the US Department of State announced its offering of up to $10 million for information that helps identify or locate key members of the Conti ransomware gang. The Department of State is also offering $5 million for information leading to the arrest or conviction of anyone working to participate in a Conti ransomware attack. According to the FBI, there have been over 1,000 victims of Conti ransomware attacks as of January 2022. The FBI also named Conti ransomware the costliest strain of ransomware ever documented, with total victim payouts exceeding $150 million.

conti ransomware group strikes supplier boeing lockheed martin headquarters news
Parker Hannifin’s global headquarters in Cleveland, Ohio (source: Parker Hannifin)

Last month, the Conti ransomware gang released on the web what looked to be data stolen from Parker Hannifin Corporation. Parker is an American company specializing in motion and control technologies whose customers include Airbus, Boeing, Rolss-Royce, and Lockheed Martin. Parker has now acknowledged a security breach that precipitated the theft of employee data.

According to Parker’s public notice of the incident, “an unauthorized third party gained access to Parker's IT systems between the dates of March 11, 2022 and March 14, 2022. The investigation further determined that the unauthorized party accessed and may have acquired certain files on Parker's IT systems.” The company detected the system breach on the 14th, and the IT team immediately shut down certain internal systems as part of incident response protocols.

After conducting an investigation, Parker found that the files accessed by the attackers may have contained information regarding not only it’s current 58,000 employees, but also former employees, their dependents, and members of Parker’s group health insurance plans. Anyone who falls within this scope may have had the following information stolen:
  • Name
  • Social Security number
  • Date of birth
  • Address
  • Driver’s license number
  • US passport number
  • Bank and routing numbers
  • Online account usernames and passwords
  • Health insurance enrollment information
  • Dates of coverage
  • Dates of service
  • Healthcare provider names
  • Claims information
  • Medical and clinical treatment information
Parker has begun to notify by mail those who may have been affected by this data breach. All notified individuals can sign up for a free two-year membership to Experian’s IdentityWorks identity theft protection service. Parker’s notice also lists a phone number that affected individuals can call to have questions about the incident answered.