Employee accounts hijacked

Phishing incident at defense contractor General Dynamics


General Dynamics, one of the largest defense and aerospace companies in the USA, has fallen victim to a targeted phishing campaign. Attackers managed to gain access to the social security accounts of several dozen employees.

The incident shows once again how successful targeted phishing attacks can be – even against companies in the sensitive defense sector. The attackers used a sophisticated combination of fake advertising and fake login pages.


The attack, which initially went undetected, began on October 1. The perpetrators placed fraudulent advertisements that redirected General Dynamics employees to a deceptively real-looking phishing page. There, the unsuspecting victims entered their credentials. Using these compromised credentials, the attackers were then able to log in to Fidelity NetBenefits via the Employee Self Service Portal – the platform General Dynamics uses to manage its employees’ benefits.

Access to the employee accounts exposed highly sensitive personal information to the attackers. The captured data included employees’ names and dates of birth as well as official ID data and social security numbers. Access to bank details and to information about any disabilities of those affected is particularly sensitive. In some cases, the attackers even changed the bank account information stored in the compromised accounts.

Rapid response after discovery

The company discovered the unauthorized access on October 10 and immediately blocked access to the affected portal. The first affected employees were informed on the same day. This week, General Dynamics sent out written notifications to all 37 affected employees. As compensation, they will receive two years of free credit monitoring.


According to the company, access was gained exclusively via the third-party provider’s systems. General Dynamics’ own corporate networks were not directly affected. Nevertheless, the company strongly recommends that all employees change their Fidelity credentials and not reuse them for other services.
