Cyber Security News

Maxar Space Data Leak, Threat Actors Gain Unauthorized Access to the System

Maxar Space Systems, a leader in space technology and Earth intelligence solutions, has recently confirmed a significant data breach that exposed the personal information of both current and former employees.

The breach, which took place in mid-October 2024, has raised serious cybersecurity concerns, particularly as the incident involved a hacker using a Hong Kong-based IP address to gain unauthorized access to the company’s systems.

According to an official statement from Maxar, the company’s information security team discovered the breach on October 11, 2024.

The hacker had accessed a Maxar system containing files with sensitive employee data. The breach is believed to have persisted for approximately one week before the company was able to prevent further unauthorized access.

Immediate measures were taken by Maxar to secure its systems and begin an internal investigation.

Maxar Space Data Leak

The compromised files contained a variety of personal data, including employee names, home addresses, social security numbers, business contact details, employment status, job titles, and more.

Importantly, the exposed files did not include bank account information or dates of birth. The types of personal data exposed were:

  • Name
  • Home address
  • Social Security number
  • Business contact information (phone number, email, etc.)
  • Employment status and job title
  • Supervisor and department details
  • Hire date, role start date, and termination date (if applicable)

Maxar emphasized that there was no exposure of bank account information or dates of birth, thus minimizing the financial risk to affected individuals.

Maxar has already notified law enforcement agencies and is working in coordination with them to investigate the breach thoroughly.

The company also retained a third-party cybersecurity firm to assist in ensuring that vulnerabilities leading to the breach are fully resolved.

In a letter sent to impacted individuals, Maxar offered several protective measures. Current employees were encouraged to enroll in identity protection services through IDShield, while former employees were offered identity monitoring services through IDX.

Maxar is covering the cost for these services for at least one year, or longer where legally required.

The company also urged employees and former employees to monitor their financial accounts for any unusual activity, report any suspected identity theft to law enforcement, and consider placing a security freeze on their credit files to prevent unauthorized access.

This breach follows a growing trend of cyberattacks on major corporations, as threat actors continue to exploit vulnerabilities in corporate infrastructure.

The fact that the hacker operated from a Hong Kong-based IP address raises questions about the international nature of the cyberattack and potential geopolitical implications.

Maxar’s swift response to mitigate further damage, however, has been praised by cybersecurity experts, who stress the importance of transparency and quick action in the wake of a data breach.

As the investigation continues, more information is expected to come to light in the coming weeks regarding the full scope of the breach and any further actions that must be taken to bolster Maxar’s cybersecurity defenses.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
