General Dynamics (GD), a major player in aerospace and defence, has confirmed a data breach involving employee benefits accounts, stemming from a phishing campaign targeting its personnel. The breach, discovered on 10 October 2024, affected 37 individuals, including two Maine residents. Sensitive personal data and banking information were accessed, with unauthorised changes made to some accounts.
The incident occurred through a third-party login portal for Fidelity’s NetBenefits Employee Self Service system. Attackers used a fraudulent advertising campaign to direct employees to a spoofed website designed to mimic the legitimate login portal. Employees who entered their credentials into the fake site inadvertently granted access to their accounts.
The breach exposed a range of personal information, including names, dates of birth, Social Security numbers, government-issued identification numbers, bank account details, and disability status. In some cases, the attackers altered direct deposit details within the compromised accounts.
The unauthorised access began on 1 October 2024, but the company did not detect the intrusion until 10 October. Upon discovery, General Dynamics suspended access to the affected portal and began notifying impacted employees immediately. Formal written notifications were dispatched earlier this week to those identified as affected, with specific instructions on resetting account credentials.
General Dynamics claimed that it took swift action to contain the breach, engaging forensic experts to assess the scope and identify vulnerabilities in the third-party system. The company clarified that the unauthorised access occurred solely through the third-party login portal, with no evidence suggesting the compromise of its internal systems.
“Available evidence indicates that the instances of unauthorised access at issue were authenticated through the third party and not directly through any GD business units,” said General Dynamics in a statement to the Maine Attorney General’s Office.
The company also provided reassurance in its direct communication with affected individuals, stating that the breach likely resulted from compromised credentials entered into the spoofed web portal.
To address the impact of the breach, General Dynamics is offering two years of complimentary credit monitoring services. Affected employees were encouraged to reset their login credentials immediately and avoid reusing old passwords across other platforms. The company also provided detailed instructions on monitoring accounts for suspicious activity and whom to contact for further assistance.
Previous cybersecurity incidents involving General Dynamics
General Dynamics has faced cybersecurity challenges in the past, highlighting the persistent threats targeting the defence and aerospace sector.
In June 2024, Santa Barbara Systems, a Spanish subsidiary of General Dynamics responsible for refurbishing Leopard tanks for Ukraine, experienced a cyberattack. The pro-Russian hacker group NoName claimed responsibility for a distributed denial-of-service (DDoS) attack, which temporarily disrupted the subsidiary’s website. General Dynamics reported that no sensitive data was compromised, and the website was taken offline as a precautionary measure while the issue was investigated.
In March 2020, a ransomware attack targeted Visser Precision, a subcontractor serving multiple defence companies, including General Dynamics. The DoppelPaymer ransomware group claimed to have obtained sensitive data related to General Dynamics and other clients through the subcontractor. While this incident did not directly involve General Dynamics’ internal systems, it underscored vulnerabilities in the supply chain and the importance of third-party cybersecurity measures.
Read more: UK Ministry of Defence documents stolen and leaked in LockBit cyberattack
