Skip to content

General Dynamics employees targeted in phishing attack

  • by
  • 2 min read

Aerospace and defence company General Dynamics has revealed that its employees were targeted in a phishing campaign that compromised employee benefits accounts. The attack was focused on a login portal General Dynamics uses to manage employee benefits.

The attackers ran a bogus ad campaign directing employees to a fake phishing page and tricking them into entering their credentials. Specifically, the Fidelity NetBenefits accounts via the Employee Self-Service portal used by the company were targeted.

A total of 37 employees were affected, as per General Dynamics’ letter to the Maine Attorney General’s Office. The hack was discovered on October 10, 2024, when the hackers accessed and made changes to the employee benefits accounts they compromised. Sensitive information, including names, birthdays, government IDs, Social Security numbers, bank account information, and disability status, was also compromised.

In some cases, the hackers changed bank account information in the compromised employee benefits accounts, likely in an attempt to steal any funds being directed to employees. This raised an alert, and account owners were notified, leading to the discovery of the hack.

At the moment, the company claims that it’s not aware of any ongoing harm or risk to the affected employees due to the incident. Additionally, since the attack came through a third party, in this case, US-based financial services firm Fidelity, General Dynamics’ business units are reportedly safe.

The hackers first accessed the accounts on October 1, and the company shut down the service after discovering the attack, limiting any potential damage. Regardless, affected individuals receive two years of free credit monitoring. Targeted employees have also been notified to change their Fidelity and other account credentials for additional safety.

Fidelity has had a rough year, with back-to-back data breaches plaguing its user base. The Fidelity Investments Life Insurance Company was targeted earlier in 2024, affecting over 28,000 users. Another attack was carried out on Fidelity Investments customers, affecting over 77,000 users.

In the News: DoT reduces international spoof calls by 90% in two months

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>