MAG Aerospace, military contractor for the US military in intelligence, surveillance and reconnaissance, suffered a breach exposing its employee data.
The company started to inform thousands of potentially impacted individuals earlier this week, distributing data breach notifications which detail the cyberattack.
According to MAG Aerospace, the company was alerted about suspicious activity within its network in late August of 2025. To quarantine the issue, the Fairfax-based military contractor disabled affected accounts to prevent the breach from impacting more of its systems.
“We also took measures to contain the incident, including quarantining assets, disabling affected accounts and domains, blocking access to our network, resetting passwords for affected accounts, and contacting law enforcement,” the company’s breach notice reads.
A subsequent analysis of the unauthorized access revealed that attackers accessed a “limited set of electronically stored personal information.” The investigation has also revealed no evidence of the exposed data being mishandled in any way.
MAG Aerospace provides intelligence engineering services to the US military. Among the publicly listed company’s contracts are The US Army, Federal Emergency Management Agency (FEMA), US General Service Administration (GSA), the Defence Intelligence Agency (DIA), Department of State, US Space Command, and other prominent government organizations. The company's revenue reportedly exceeds $1.4 billion, with a staff of over 1,400.
“MAG DS Corp., doing business as MAG Aerospace, delivers highly technical services andengineering solutions around the world. We obtain and maintain personal information in thenormal course of our business and in support of our employees,” the company’s data breach notice explains.
The company did not reveal what type of data was exactly exposed during the data incident. However, MAG Aerospace said it will offer potentially impacted individuals 24 months of complimentary fraud detection and identity theft protection services.
In most cases companies offer similar services to individuals who had their names, Social Security numbers (SSNs), and other identifiers exposed.
Given the sensitive nature of the industry MAG Aerospace operates in, the data could be a goldmine for threat actors and nation state attackers. To the very least, personal data theft enables attackers to conduct convincing phishing and social engineering attacks which may lead to victims inadvertently installing malware on their devices.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked