SpaceX, the aerospace manufacturer and space transport services company founded by Elon Musk, has allegedly met with a cybersecurity incident, involving a data breach with Hunters International, a notorious hacking group that reportedly posted samples of SpaceX data breach.
The Space X data breach seems to involve relatively old data from SpaceX, with Hunters International employing name-dropping tactics to exert extortion pressure. Interestingly, these same samples were involved in an earlier data breach that SpaceX faced in early 2023, attributed to the LockBit ransomware group.
Hunters International shared samples and databases supposedly linked to SpaceX, including access to 149.9 GB of data. This database, originally associated with the initial SpaceX data breach linked to LockBit, was traced back to a third-party supplier within SpaceX’s supply chain, specifically a manufacturing contractor based in Texas.
Through infiltration of the vendor’s systems, LockBit allegedly gained control of 3,000 drawings or schematics verified by SpaceX engineers.
SpaceX Data Breach Resurfaces on the Dark Web
Source: XInterestingly, the threat actor sheds light on the SpaceX data breach’s infiltration including an undisclosed GoPro development environment.
Adding another layer to the intrigue, recent events in April 2024 reveal the Cactus ransomware group’s purported targeting of Aero Dynamic Machining, Inc., a US-based aerospace equipment manufacturer.
The group alleges to have extracted a staggering 1.1 TB of data, encompassing confidential, employee, and customer information from industry giants like Boeing, SpaceX, and Airbus. Subsequently, the group leaked 5.8 MB of compressed data, containing agreements, passports, shipping orders, and engineering drawings, further intensifying the gravity of the situation.
The Cyber Express has reached out to SpaceX to learn more about the data breach claims made by the Hunters International group. However, at the time of writing this, no official statement or response has been received, leaving the claims for the SpaceX data breach stand unverified.
Moreover, the website for SpaceX seems to be operational at the moment and doesn’t show any immediate sign of the attack or data breach suggesting a likelihood that the data shared by Hunters International may indeed stem from the breach of 2023.
How LockBit Ransomware Group Breached SpaceX?
In March 2023, the LockBit Ransomware group infiltrated a third-party manufacturing contractor in Texas, part of SpaceX’s supply chain, seizing 3,000 certified drawings and schematics created by SpaceX engineers.
LockBit directly addressed SpaceX CEO Elon Musk, demanding ransom payment within a week under the threat of selling the stolen blueprints. The gang’s audacious move aimed to profit from the sensitive data, regardless of the vendor’s response. Despite concerns over compromised national security and the potential for identity theft, SpaceX has not confirmed the breach, leaving the claims unresolved.
This breach, along with the reappearance of leaked data from previous incidents, highlights the persistent threat of cyberattacks on critical infrastructure. It sheds light on the urgent need for robust cybersecurity measures to safeguard against such breaches, as the ramifications extend beyond financial loss to encompass broader security implications.
The reappearance of data from last year’s SpaceX data breach is raising significant concerns. This recurrence poses a serious threat to the personal and financial security of millions, potentially exposing them to the risks of identity theft and fraud. Notably, despite the breach being initially reported last year and now resurfacing, SpaceX has yet to confirm the incident, leaving the claims unverified.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Leave a Reply