Conti Attack US Precision Engineering Business

A major US precision engineering business, Parker-Hannifin Corporation (Parker), a leading maker of aerospace systems, has confirmed that it was hit by hackers that has exposed employees’ personally identifiable information. 

One of the largest companies in the world in motion control technologies, Parker has disclosed that 'an unauthorised third party' gained access to its IT systems between the dates of March 11 and March 14, although the intrusion was not detected until May.

The Conti ransomware gang, a state-sponsored Russian hacking group, widely known for targeting critical national infrastructure and government systems, published the stolen data in April after claiming responsibility for the attack. 

Parker is an Ohio-based corporation specialising in advanced motion and control technologies, with a strong focus in aerospace hydraulic equipment. It has a revenue of $15.6 billion and employs over 58,000 people.

The company investigated the attack, which concluded that the threat actor acquired certain files on its IT systems which included information related to current and former employees, their dependents, and those on a health plan sponsored by Parker. The information may also have included bank account information, US passport numbers, Social Security numbers, dates of birth, driver’s license numbers, online account usernames and passwords. 

The investigation also revealed that certain files included dates of service, provider names, and medical treatment information.

Parker says it conducted 'basic protocols' to contain the attack when it was detected and has delivered breach notification letters to those affected. “Safeguarding the information held within the company's systems is critically important to Parker, and the company is continuing to take steps to help safeguard its systems and data against the rapidly evolving threats to company information. Parker regrets any inconvenience or concern this incident may cause,” said Parker’s press release.

While Parker has not disclosed who attacked them, the Conti ransomware group claimed responsibility in April when it published 3% of the data that they allegedly stole during their attack. Full publication of the entire 419GB data set followed on April 20, which most likely means that negotiations for the payment of a ransom failed or may never have happened. 

Parker:   PR Newswire:    Oodaloop:    Infosecurity Magazine:   Bleeping Computer:   

Secure World:    Cybersecurity.News

You Might Also Read: 

FBI & CISA Advice On Ransomware Attacks:
 

« Never Trust Anything Again - The Zero Trust World
Personal Data Of Two Million Texans Left Exposed For Years »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

Virgil Security

Virgil Security

Virgil Security provides easy-to-deploy and easy-to-use cryptographic software and services for use by developers and end-users.

Centurion Information Security

Centurion Information Security

Centurion Information Security is a consulting firm based in Singapore that specialises in penetration testing and security assessment services.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

DQM GRC

DQM GRC

DQM GRC are one of the UK's leading providers of data governance, e-privacy and GDPR services, to commercial organisations across all industries in the UK.

National Initiative for Cybersecurity Education (NICE)

National Initiative for Cybersecurity Education (NICE)

NICE is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

Hub One

Hub One

Hub one is a leading player in digital transformation with expertise in broadband connectivity, business solutions for traceability and mobility, IOT in industrial environments and cybersecurity.

Envelop Risk

Envelop Risk

Envelop Risk is a global specialty cyber insurance firm, combining decades of insurance industry expertise with sophisticated cyber and artificial intelligence-based analytics.

N8 Identity

N8 Identity

N8 Identity helps organizations realize the vision of Autonomous Identity Governance™ with AI-driven Identity solutions.

Tracepoint

Tracepoint

Tracepoint provide full-service cyber incident response, remediation and recovery solutions for the most time-sensitive situation your company may ever face.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.