Mercury Corp., a US-headquartered manufacturing company, had attackers breach its hull to take personal details, including driver’s license and Social Security numbers.
The attackers broke through the company’s defenses in mid-February this year, Mercury Corp. announced via a breach notification letter sent to potentially impacted individuals. They didn’t roam the firms’ systems for long, the letter reads, spending only around one day inside.
However, the visit wasn’t merely a joy ride – the unauthorized access exposed personal details. According to the company’s letter, the attackers got their hands on:
- Names
- Addresses
- Dates of birth
- Driver’s licenses
- Social Security numbers (SSNs)
According to information the company submitted to the Maine Attorney General’s Office, over 3,000 individuals were exposed during the attack.
Losing personally identifiable information (PII) endangers individuals, as attackers can exploit the data to commit identity theft. For example, attackers could attempt to set up fraudulent credit accounts, file tax returns, or commit crimes with stolen identities.
More sophisticated attackers could utilize the stolen details for phishing campaigns. Since the dataset represents individuals in a specialized field, attackers could craft convincing emails or text messages to lure more details from victims.
However, Mercury Corp’s letter claims that the incident investigation “did not confirm what, if any, personal information may have been accessed or exfiltrated as a result of the incident.”
Mercury Corporation, previously known as Mercury Aircraft, has a long history in the manufacturing field. The company started out in the 1920s, supplying aircraft and parts to the US Army. Currently, the company lists IBM, Lockheed Martin, USPS, Kodak, and other companies among its partners.
Your email address will not be published. Required fields are markedmarked