Wabtec Corporation, a leading rail technology company, has disclosed details of a security incident that occurred last year and resulted in the compromise of highly sensitive information. The company is headquartered in Pittsburgh and operates in over 50 countries within the freight, mining, industrial, marine, and transit sectors. The firm reportedly suffered from a ransomware attack that was first disclosed in June 2022 and attributed to the LockBit ransomware group.
Wabtec stated that although the incident from June was not mentioned explicitly in the most recent breach notice, the notice states that the stolen data was published to the threat actor’s leak site. Wabtec originally identified the attack in June, however, investigations determined that the malware was planted as early as March 15, 2022. Wabtec collaborated with data review specialists who determined that the information posted to the leak site came from the impacted files. It remains unclear whose information was stolen during the breach, however, it appears to be global Wabtec employees.