Exploit: Phishing
Company: Electronic Warfare Associates
Industry: Government, Defense Contractor
Source: http://dojmt.gov/wp-content/uploads/Data-Breach-Notification-25.pdf

US national defense contractor Electronic Warfare Associates (EWA) has announced a data breach that is suspected to have been caused by an employee phishing attack. With over 270 employees, EWA is a major provider of services and products concerning cyber security and electronic warfare for several US defense establishments including the Pentagon, the Department of Defense, and Department of Homeland Security.

An official investigation revealed the threat actor broke into an EWA email account in August 2021 after successfully luring an employee in a phishing attack. The intrusion was uncovered when the hacker attempted a fraudulent wire transfer. The organization doesn’t believe their intent was to obtain personal information, however, employee PII was exposed and there remains the concern of sensitive defense information also being exposed.

The EWA is continuing to work with third-party forensics to further investigate the incident.