SAC Wireless that operates as a wholly-owned subsidiary of Nokia suffered a data breach following a Conti Ransomware incident. The company helps customers design, build and upgrade cellular networks, including 5G, 4G LTE, small cell, and FirstNet.
According to the company’s data breach notification, the company became aware that certain aspects of our internal technology infrastructure may have been accessed by an unauthorized third party as part of a ransomware attack.
The company ensures that multiple security tools and infrastructure enhancements control the incident.
The Files Affected by this Incident Include Personal Information Relating to Current and Former SAC Wireless Employees:
- Name
- Date of birth
- Contact information (such as a home address, email, and phone)
- Government ID numbers (such as driver’s license, passport, or military ID)
- Social security number
- Citizenship status
- Work information (such as title, salary, and evaluations)
- Medical history
- Health insurance policy information
- License plate numbers
- Digital signatures
- Certificates of marriage or birth
- Tax return information
- Dependent/beneficiary names
SAC Wireless Takes Measures
“We have already changed firewall rules, disconnected VPN connections, activated conditional access geo-location policies to limit non-U.S. access, provided additional employee training, deployed additional network and endpoint monitoring tools, expanded multi-factor authentication, and deployed additional threat-hunting and endpoint detection and response tools”, in response to the ransomware attack.
The company declared it will continue to collaborate with its cyber and forensic specialists to fix the issue and to find the best security solutions for its systems. SAC Wireless will also continue to assess and monitor new threats and security flaws on an ongoing basis.
The company announced it hired Experian to offer customers free 24-month membership to their identity protection services.
“SAC is aware of an incident, and we are currently investigating the matter. As we continue to assess the incident, we are in contact with relevant parties to recommend that appropriate safeguards and precautions may be taken”.
The FBI also warned in May that Conti operators have attempted to breach the networks of more than a dozen US healthcare and first responder organizations.
Unlike the US company, the Conti ransomware gang is more than willing to provide information. The threat actor disclosed on their site that they have more than 250 GB of data belonging to SAC and threatens to publish it if the company fails to pay the ransom.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
