Employee data exposed in Maxar Space Systems security breach

Maxar Space Systems, a leading satellite manufacturer in the United States, has revealed a data breach that compromised the personal information of its employees. The incident, which was discovered on October 11 2024, involved a hacker using a Hong Kong-based IP address to infiltrate the company’s network.

This breach comes as a significant concern, given Maxar’s reputation as a key player in the American aerospace industry. Headquartered in Colorado, the company is renowned for its expertise in building communication and Earth observation satellites, with over 80 currently in orbit. Maxar’s technology has contributed to some of the most notable space exploration programmes, including NASA’s Psyche mission and the Artemis Moon exploration initiative, both of which relied on the advanced capabilities of the Maxar 1300 satellite platform.

 

Maxar Space Systems reported that the intrusion went undetected for a week.

 

According to Maxar, the intrusion occurred approximately one week before their information security team identified it. In response, the company promptly secured its systems to prevent further unauthorised access.

The breach targeted files containing sensitive employee information. Among the exposed data were names, home addresses, Social Security numbers, business contact details, gender, employment status, employee ID numbers, job titles, dates of hire and termination, role commencement dates, and details of supervisors and departments. Despite the extensive nature of the data accessed, Maxar has confirmed that no banking information was compromised during the attack.

To support those affected, Maxar Space Systems is offering identity protection and credit monitoring services through IDShield to current employees. Former employees have also been granted access to identity theft protection services via IDX, with the opportunity to enrol in these services until mid-February 2025.

The incident also brought up questions about the potential exposure of proprietary data. It follows a related cybersecurity event in July 2024, where a threat actor claimed to have scraped user data from GeoHIVE, a geospatial intelligence platform owned by Maxar’s parent company, Maxar Technologies. While the current breach appears to focus on employee data, concerns persist over whether sensitive technical information may also have been compromised.

Maxar Technologies has not yet confirmed any connection between the two incidents. Attempts to seek clarification from the company have so far been unsuccessful. The breach highlights the growing challenges faced by organisations in safeguarding sensitive data, particularly within industries as critical as aerospace.