SINGAPORE: ST Engineering is conducting a "rigorous review" of its systems after a data breach at its US subsidiary VT San Antonio Aerospace, the company said on Sunday (Jun 7).
It was reported on Friday that about 1.5 terabytes of sensitive data was stolen.
According to cybersecurity firm CYFIRMA, the information included contract details with governments of countries like Peru and Argentina, government-related organisations like NASA, as well as air carriers like American Airlines.
In a media release on Sunday, ST Engineering confirmed the incident, saying a sophisticated group of cyber criminals, known as the Maze group, had gained unauthorised access to its IT network and deployed a ransomware attack.
"At this point, the ongoing investigation indicates that the threat has been contained and is believed to be isolated to a limited part of ST Engineering’s commercial operations in the US," said ST Engineering.
"Currently, these businesses, including VT San Antonio Aerospace, continue to be operational. ST Engineering’s IT network in Singapore and its other businesses have not been compromised."
According to CYFIRMA, its initial investigation showed the breach at VT San Antonio Aerospace started “as early as in March”.
ST Engineering said it took immediate action after discovering the breach. These include disconnecting certain systems from the network, having third-party forensic advisors to help investigate the incident and notifying law enforcement authorities.
"ST Engineering takes information security extremely seriously and as part of this process, it is conducting a rigorous review of the incident and its systems to ensure that the data it is entrusted with remains safe and secure," the company added.
"ST Engineering is also taking steps to further strengthen its overall cybersecurity architecture."
The company also said its US subsidiary has begun notifying customers who are potentially affected, and that it is fully committed to responding to the incident "transparently and proactively".