UK Ministry of Defence impacted by data breach after compromise of third party supplier
Take action: Keeping legacy operating system after it's end of life is an excellent way to get hacked. Because someone will decide to connect it to a network, because "this is fine".
Learn More
The UK's Ministry of Defence (MoD) has suffered a significant security breach executed by the LockBit ransomware group through the compromise of third-party supplier Zaun, a company responsible for physical security at sensitive military and intelligence sites.
This breach occurred in early August and resulted in the leaking of thousands of pages of data, potentially containing highly sensitive national security details. The compromised information includes details about
- HMNB Clyde nuclear submarine base,
- Porton Down chemical weapon lab,
- GCHQ listening post,
- high-security prisons,
- other critical sites.
Zaun, headquartered in the West Midlands, specializes in manufacturing fences and perimeter security measures for high-risk locations.
The cyberattack, was executed through a Windows 7 PC running software for a manufacturing machine. Although Zaun's IT team managed to prevent server encryption, the attackers downloaded approximately 10 GB of data, which might include historic emails, orders, drawings, and project files.
While Zaun believes that no classified documents were compromised, the breach remains a significant concern for national security.
