If you purchase via links on our site, we may receive affiliate commissions.

Thales admits data leak but denies systems breach

Updated on: 14 November 2022

Damien Black
Senior Journalist

Weapons firm HQ in Paris — Image by Shutterstock

The French defense contractor has confirmed recent claims by ransomware group LockBit that it published data stolen from Thales Group on the dark web, but denies that its systems have been compromised.

“Thales is able to confirm extortion and ransomware group LockBit released on its platform data pertaining to Thales Group,” said the munitions firm in a statement on its website. “At this stage, Thales is able to confirm that there has been no intrusion of its IT systems.”

Just how exactly a threat actor could have obtained said data without breaching the company’s cyber defenses will be a matter of speculation. Thales hinted at the answer, implicitly blaming a third-party contractor for its recent woes.

“Thales security experts have identified one of the two likely sources of the theft, which has been confirmed through the user account of a partner on a dedicated collaboration portal,” it said. “This has led to the disclosure of a limited amount of information.”

The weapons manufacturer says it is “working closely” with its compromised partner to resolve the problem and insists that, for now at least, it is business as usual.

“Thales is working closely with its partner and is providing all of the necessary technical support and resources to minimise any potential impact to concerned customers and stakeholders,” it said.