blackbasta attacks Elbit Systems

Incident Date:

June 26, 2022

World map



blackbasta attacks Elbit Systems


Elbit Systems




Fort Worth, USA

Texas, USA

First Reported

June 26, 2022

Elbit Systems of America Suffers Ransomware Attack by Black Basta

Elbit Systems of America, a subsidiary of the Israeli defense organization Elbit Systems, has suffered a ransomware attack by the Black Basta group. The attack occurred on June 8, 2022, and was discovered by the company on the same day. The breach impacted 369 employees, exposing their personal information, including full names, addresses, Social Security numbers, ethnicities, and birthdays.

Elbit Systems of America is a U.S.-based company that provides technology-based systems for defense, commercial aviation, homeland security, medical instrumentation, and law enforcement. The company has a significant presence in the manufacturing sector, which makes it a valuable target for threat actors seeking to exploit vulnerabilities in the supply chain.

The Black Basta ransomware gang, which has been active since April 2022, claimed responsibility for the attack and added the company's name and information to their leak site. The group uses a double-extortion attack method, encrypting files and threatening to publish stolen data if the ransom is not paid within a specified timeframe.

The breach highlights the need for cybersecurity risk prevention measures, particularly in the aerospace and defense industry, where a single attack can have significant consequences for national security and critical infrastructure. As the threat landscape continues to evolve, organizations must adapt their cybersecurity strategies to protect against emerging threats and vulnerabilities.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.