Defence and aerospace industry giant Lockheed Martin is once again in the crosshairs of a pro-Iran threat actor, with the Handala hacking group delivering a 48-hour deadline to respond to its claims of an employee-focused data breach.
“We, the Handala Hack, have today initiated a new phase of Operation Lockheed Martin,” the hackers said in a March 26 update to several of its websites, both on the clear and dark webs.
“We now possess the complete data of 28 senior American engineers based in the occupied territories and involved in military projects – including names, identification numbers, passports, places of residence, and service bases. All of this information has been leaked.”
True to its word, Handala has published a listing of the employees, which includes all the data as advertised. Alongside this document are passport scans that appear to be legitimate and match up to LinkedIn profiles of Lockheed Martin senior staff.
Handala also said it has been in contact with several of the workers.
“In recent hours, we have established contact with some of them to demonstrate just how fragile digital barriers can be. From conversations about their daily interests to ordinary details of their lives, all was done to show that “privacy” is merely a word in a book, not a reality,” Handala said.
“We called them and told them where they live, the names of their children, their favorite foods, their weekend activities, and the locations of their families’ residences in the United States.”
The named Lockheed Martin employees have been given a deadline of 48 hours to “cease cooperation with the Zionist regime and leave the occupied territories immediately”.
If the workers fail to leave, Handala has said their homes will become “missile targets”. The hackers have also threatened family members currently residing in the United States.
A Lockheed Martin spokesperson told Cyber Daily the company is aware of Handala's claims.
“Lockheed Martin continues to carry out its mission-critical work in support of American and allied warfighters around the world," the spokesperson said.
"We are aware of the reports and have policies and procedures in place to mitigate cyber threats to our business. We are confident in our robust, multi-layered information systems and data security and continue to actively monitor and protect our networks.”
This incident is the second alleged breach of Lockheed Martin this week, with the APT-Iran group boasting that it had compromised technical documentation related to the F-35 fifth-generation fighter.
The company, however, denied those allegations, telling Cyber Daily, “There is no evidence indicating these reports are accurate”.
Not so seized
The Handala group was in the headlines last week, after the US Department of Justice revealed it had seized several of the hacking group’s web domains.
“Iran thought they could hide behind fake websites and keyboard threats to terrorise Americans and silence dissidents,” FBI Director Kash Patel said in a March 19 statement.
“We took down four of their operation’s pillars, and we’re not done. This FBI will hunt down every actor behind these cowardly death threats and cyber attacks and will bring the full force of American law enforcement down on them.”
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.