Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A company in the running to help build the United States’ Golden Dome missile defence system has been impacted by an alleged data breach.
American defence contractor L3Harris has been listed as a victim on ransomware gang World Leaks’ darknet leak site.
The hackers have not listed the volume of data allegedly stolen, nor their ransom demand, though the 10 August leak post does include a countdown to publication of the data. At the time of writing, the data will be published within two days.
World Leaks has also shared two sample screenshots of what appear to be support conversations between L3Harris employees and employees of Acron Aviation, which was formerly known as L3Harris Commercial Aviation Solutions prior to its acquisition by private equity group TJC earlier this year.
The discussions appear legitimate, and the employees in the chat have been confirmed workers at both firms.
World Leaks emerged as a ransomware operator in January 2025, after the hackers behind the group closed down their previous ransomware operation, Hunters International.
However, whereas Hunters was a classic double extortion operation, both stealing data and encrypting it on victims’ networks, World Leaks’ operations are based entirely on exfiltrating data.
The group has claimed 60 victims since it first formed. Its last Australian victim was NSW-based petroleum distributor Kel Campbell, which was listed by the group in June.
L3Harris is headquartered in Melbourne, Florida, but has offices throughout the world, including in Australia. It is currently expected to be involved in the Golden Dome missile defence contract announced by Donald Trump in January this year. The company produces command and control systems, aviation simulators, night vision devices, and processor technology used in military aircraft such as the F-35 Lightning II fighter and C-130J Super Hercules.
This is not the first time a ransomware operator claimed to have hacked the company. In 2023, the Abyss ransomware group said it had gained access to 17 virtual machines supporting the wideband satellite communications operational management system network, which L3Harris has been monitoring and maintaining since it was awarded the contract to do so in late 2018.
Speaking to media outlet Florida Today at the time, an L3Harris spokesperson said the company had experienced a “system disruption that affected an isolated network at one location. The incident was immediately contained, and the system was secured”.
Cyber Daily has reached out to L3Harris for comment on the alleged incident.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
