Navistar Confirms Data Breach Following Cyberattack

According to an investigation at Navistar, a data breach on its systems exposed the healthcare information of its employees.

Navistar Confirms Data Breach Following Cyberattack
Navistar Confirms Data Breach Following Cyberattack | Image credits: Business Insider

When Navistar detected the security incident on May 20th, it immediately called external cybersecurity specialists and began working on an investigation of the situation. In late May, the company confirmed that a cybercriminal had gained access to and extracted data from Navistar's information technology systems, according to The Daily Swig.

Navistar alerted investors about the occurrence via an 8-K filing to the US Securities and Exchange Commission on June 7. Meanwhile, as investigators sought to discover the entire scope and effects of the incident, the notice led to stories about it being published by Reuters and other news organizations.

Members of the company's health and life insurance policies were targeted by hackers, according to the Navistar team, which acknowledged on August 20th that attackers had accessed and collected their personal information.

Personal information of former and current Navistar employees could have been compromised

It has been revealed that an undetermined number of former and current Navistar employees' personal information was potentially exposed in the incident. According to an updated statement from Navistar on the incident, the potentially vulnerable data includes their Social Security numbers, addresses, first and last names, and dates of birth.

When cybercriminals gain access to a victim's personal information, they often trade it in order to conduct more sophisticated phishing scams that ask for even more information or to apply for credit cards in the victim's name.

Late in September, Navistar began alerting those who would be affected and providing free credit monitoring and identity theft protection for two years. Everyone affected should be on the watch for fraudulent activity and possible identity theft in the near future.