Home » Locomotive Company Wabtec Confirms Cyberattack by LockBit Ransomware Group

Locomotive Company Wabtec Confirms Cyberattack by LockBit Ransomware Group

by iTech Post : Top News
0 comment

Wabtec, the leading locomotive and rail system company in the market, confirms a cyberattack it suffered brought by the LockBit ransomware group. They claimed that malware was installed on some systems within their network which led to data theft that was leaked online. 

What Kind of Data Was Stolen?

By the end of the investigation on November 23rd of 2022, review specialists confirmed that Webtac had fallen victim to a cyberattack by the LockBit hacker group, wherein sensitive personal information had been stolen which are the following:


Date of Birth

Non-US National ID Number

Non-US Social Insurance Number/Fiscal Code

Passport Number

IP Address

Employer Identification Number

USCIS/Alien Registration Number

UK National Health Service Number

Medical Records


Gender/Gender Identity

Social Security Number

Financial Account Information

Account Username and Password


Criminal Records

Union Affiliation

This exposes the data of the company’s employees which employs 25,000 people in 50 countries where the company operates. All the stolen data had been leaked on August 20th of 2022, according to Bleeping Computer.

The company warns individuals to remain vigilant as they may fall victim to fraudulent activities like identity theft. Victims should monitor their financial accounts and credit reports should there be anomalies present.

The company also suggested that the victims should get in touch with their banks to ask for additional security measures. As for identity protection and credit monitoring, they may use services capable of guarding them against possible identity theft or fraud. 

It was also mentioned on their website that victims can consider implementing two-factor authentication, which could protect accounts from unauthorized access. Should victims receive emails asking for personal data, they should not provide it unless they are certain of its credibility.

They should also avoid clicking links or opening attachments to messages that may appear malicious. Indicators include typos, bad grammar, formatting errors, the offer of unsolicited freebies, or requests for disclosure of financial information or passwords.

Read Also: LockBit Ransomware Strengthens Extortion Schemes Amidst DDoS Attacks

How is Wabtec Resolving the Incident?

The rail giant claims to take its responsibility to secure data seriously and has taken steps to reinforce its systems and operations security. The company’s efforts include additional safeguards and notifying applicable regulatory and data protection authorities.

The earliest report regarding the cyberattack brought by the ransomware group was on March 15th of 2022, wherein the hackers had installed malware on specific systems. It wasn’t until June 26th that they detected unusual activity within their systems.

Investigations began and news of the cyberattack broke, although the company did not confirm it. The LockBit ransomware group eventually leaked the data that was stolen from Wabtec on August 20th of 2022, which could be due to the company not paying for the ransom.

It was months later, specifically on December 30th of 2022, before the company informed the affected individuals. A formal letter has been sent to inform the victims that their personal data was among the ones that were stolen by the hacker group.

Related: LockBit Ransomware Extends Decryptor to SickKids Hospital, Apologizes for the Cyberattack

LockBit Ransomware
Ransomware Group

Sign Up for the iTechPost Newsletter

Get the Most Popular iTechPost Stories in a Weekly Newsletter

You may also like

Leave a Comment


Cybernonstop is created to bring news and knowledge through articles to visitors.

Do not forget to subscribe.

Laest News

@2021 – All Right Reserved. Designed and Developed by PenciDesign