SAC Wireless, a Nokia subsidiary in the US, was hit by a ransomware attack during which attackers stole data and encrypted its systems.
The Nokia’s company works with leading carriers, tower owners, and OEMs in the US. SAC Wireless helps customers build and upgrade their cellular networks, including 5G and 4G LTE.
SAC Wireless says they detected a network breach by Conti ransomware operators on June 16 after the hackers encrypted its systems.
A forensic investigation conducted by external cyber security experts confirmed the personal information of Nokia employees was stolen during the ransomware attack on August 13.
“The threat actor, Conti, gained access to the SAC systems, uploaded files to its cloud storage, and then, on June 16, deployed ransomware to encrypt the files on SAC systems,” SAC says in data breach notification letters sent to an undisclosed number of impacted individuals.
The company confirmed that the stolen files contain the following personal info: name, date of birth, contact information (such as a home address, an email, and a phone number), government ID numbers (such as driver’s license, passport, or military ID), social security number, citizenship status, work information (such as title, salary, and evaluations), medical history, health insurance policy information, license plate numbers, digital signatures, certificates of marriage or birth, tax return information, and dependent/beneficiary names.
Following the attack against SAC, the company took various measures to prevent future breaches. Some of these included: changing firewall rules, activating conditional access policies, and adding additional security tools.
While the company refused to reveal the full extent of the attack, Conti revealed on their leak site that they stole 250 GB of data.
The hackers behind the ransomware update are threatening to release the files they had stolen from Nokia if the company doesn’t pay the ransom.