#Privacy: Aerospace and industrial manufacturer suffers data breach

The Colorado-based manufacturer, which makes parts for Tesla and SpaceX, has confirmed a data breach caused by the DoppelPaymer ransomware.

Visser Precision has become the latest target of a cyber security incident, whereby it was targeted by the DoppelPaymer variant. 

The breach was detected by threat analyst at Emsisoft Brett Callow, after noticing a website publishing files that had been stolen from Visser by the DoppelPaymer ransomware. 

The stolen files included folders with customer names, including Tesla, aircraft maker Boeing, SpaceX, and defense contractor Lockheed Martin, to which a certain amount of the files were made available to download, according to TechCrunch

The operators behind DoppelPaymer allegedly published non-disclosure agreements between Visser and both Tesla and SpaceX, in addition to proprietary information. 

Data theft, whereby files are stolen before encrypting them and then used as leverage in order to get victims to pay the ransom, has become a new tactic being adopted by numerous ransomware families, such as DoppelPaymer and Nemty

Visser has launched an investigation into the attack. 

A Lockheed Martin spokesperson told TechCrunch that the company is “aware of the situation with Visser Precision and are following our standard response process for potential cyber incidents related to our supply chain.”

Just last week, the operators behind the DoppelPaymer ransomware launched a website, “Dopple Leaks,” for publishing the data of victims who do not pay their ransom. 

The website is currently used mainly for shaming their victims and to publish a few files that were stolen. As of this moment, DoppelPaymer has listed four companies, with one of them being Pemex, Mexico’s state-owned oil company. 

The other listed companies include a US merchant account company, a French telecoms and cloud services business, and a South African logistics and supply chain organisation. 

“Data theft is a strategy that multiple groups have now adopted and, consequently, ransomware incidents should be treated as data breaches until it can be established they are not,” said Callow to TechCrunch. 

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.