Ransomware attack on US Navy shipbuilder leaked information of nearly 17,000 people


An April ransomware attack on a company that builds ships for the U.S. Navy exposed the information of nearly 17,000 people, according to documents filed with regulators in Maine this week.

The regulatory filing comes nearly nine months after several local news outlets in Wisconsin reported that Fincantieri Marine Group — the U.S. arm of Italian shipbuilding company Fincantieri — was dealing with a ransomware attack that caused widespread production issues.

The company did not respond to requests for comment at the time but sent a statement to the United States Naval Institute (USNI) and the Green Bay Press Gazette confirming it had experienced a cybersecurity incident that caused “a temporary disruption to certain computer systems on its network.”

The company said at the time that its network security officials “immediately isolated systems and reported the incident to relevant agencies and partners.”

“Fincantieri brought in additional resources to investigate the incident and to restore full functionality to the affected systems as quickly as possible,” the company told the news outlets.

On January 5, the company sent out breach notification letters explaining that on April 12, 2023, it “became aware of a cyberattack on its computer systems that included the encryption of certain files.”

“FMG promptly took steps to secure its environment and began an investigation into the nature and scope of the incident. The investigation determined that, in connection with the incident, there was unauthorized access to certain systems in FMG’s environment between April 6, 2023, and April 12, 2023, and as a result, certain data stored on its systems were subject to unauthorized acquisition,” the letters said.

“FMG then undertook a comprehensive review of the affected data to confirm what information was impacted. On November 6, 2023, FMG determined that personal information relating Maine residents was in the files at issue. The personal information involved includes name, and Social Security number.”

The company told regulators in Maine that 16,769 people had information leaked due to the ransomware attack. They are providing victims with two years of free credit monitoring services.

USNI reported in April that the shipyard builds the Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate. The Navy did not respond to requests for comment in April or on Friday but told USNI at the time that it was aware of the incident.

According to USNI, the attack disrupted the servers that fed information to manufacturing machines. For days, the machines responsible for welding, cutting and more were down after the servers were knocked offline.

The Green Bay Press Gazette reported that the shipyards in Marinette, Sturgeon Bay and Green Bay employ a total of about 2,300 people. The company did not respond to requests for comment about whether the 16,769 people affected included current and former employees.

Another Navy shipbuilder — Austal — confirmed that it had faced a cyberattack in December after a ransomware gang took credit for the incident.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

Next Post

Ransomware gang targets nonprofit providing clean water to world’s poorest

Related Posts

PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today. “Thanks to this new technique, during PixPirate reconnaissance
Read More

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks

Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts made by five state-affiliated actors that used its
Read More