Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, disclosed a data breach affecting an undisclosed number of individuals after its corporate network was breached more than one year ago, in December 2022.
The attacker breached a subset of devices on its corporate network and gained access to what it describes as information collected from affected individuals and their employers.
“On December 30, 2022, Panasonic identified evidence of an issue potentially impacting certain systems in our corporate network environment that occurred on or around December 14, 2022,” the company said in data breach notification letters filed with the Office of California’s Attorney General last week.
“We promptly initiated a comprehensive investigation into the nature and scope of the incident and impacted personal information, engaging cybersecurity and forensics experts to assist in the investigation of the incident, to assess what information may have been impacted, and to identify the individuals associated with that information.”
While some personal and health information was exposed during the incident, Panasonic has yet to find evidence that it was misused since the attack.
Information impacted during the breach includes the affected individuals’ names, contact details (email address, mailing address, and telephone number), dates of birth, medical and health insurance information, financial account numbers, company employment status, and government identifiers, such as Social Security numbers.
Panasonic will provide 24 months of free identity and credit monitoring services through Kroll for all impacted people, warning them to check the reports for signs of suspicious activity.
“The impact of the incident was restricted to a limited amount of employee and business customer data,” a Panasonic Avionics Corporation spokesperson told BleepingComputer when contacted earlier today.
“The company also notified the appropriate authorities. We have not identified any evidence of impact to any in-flight entertainment systems, connectivity, digital solutions, or maintenance operating systems. PAC’s operations were not impacted in any way.”
Panasonic’s in-flight entertainment (IFE) solutions are installed on over 15,000 commercial airplanes, while more than 3,780 provide customers with Panasonic Avionics satellite Wi-Fi connectivity.
More than 200 airlines use its IFE, Wi-Fi, and digital services on their aircraft, amounting to roughly 70% of the global IFE-equipped fleet.
Update December 27, 14:19 EST: Added Panasonic Avionics Corporation statement.
The post Panasonic discloses data breach after December 2022 cyberattack first appeared on www.bleepingcomputer.com