Fincantieri Marine Group, a shipbuilding company for the U.S. Navy, suffered a ransomware attack in April, leading to the exposure of personal information for approximately 17,000 individuals, according to recent regulatory filings. The attack disrupted manufacturing operations by impacting servers crucial to welding, cutting, and other processes. The incident came to light nine months after initial reports of the ransomware attack, with Fincantieri Marine Group confirming the cybersecurity breach that caused a temporary disruption to certain computer systems. The company, a U.S. subsidiary of Italian shipbuilder Fincantieri, undertook an investigation, determining that unauthorized access occurred between April 6, 2023, and April 12, 2023, resulting in the unauthorized acquisition of sensitive data.
Despite promptly isolating systems and reporting the incident to relevant agencies and partners, Fincantieri Marine Group faced challenges in the aftermath. The disruption affected servers crucial to manufacturing machines, impacting various operations for days. The shipyard, responsible for building the Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate, took additional steps, including bringing in resources for the investigation and restoring functionality to affected systems. The company recently notified regulators in Maine, revealing that personal information, including names and Social Security numbers, of 16,769 individuals was leaked due to the ransomware attack. Fincantieri Marine Group is offering affected individuals two years of free credit monitoring services.
The incident highlights the persistent threat of ransomware attacks targeting critical infrastructure, even within defense contractors linked to national security. The exposure of sensitive data raises concerns about the potential impact on national defense capabilities and the need for robust cybersecurity measures across defense supply chains. The Navy, aware of the incident, did not comment on the recent disclosures. As organizations face escalating cybersecurity risks, incidents like these underscore the importance of proactive cybersecurity strategies, incident response plans, and collaboration with relevant authorities to mitigate the impact on sensitive operations and the individuals affected by data breaches.
