Austal, an Australian shipbuilder and defence contractor, says its IT systems were breached by an unknown attacker who then tried to on-sell “certain materials” in an apparent extortion bid.
The ASX-listed firm said it had “no evidence to date” that what had been accessed was classified.
It said in a statement [pdf] that data accessed included “ship design drawings which may be distributed to customers or and fabrication subcontractors or suppliers”, as well as some staff email addresses and mobile phone numbers.
Austal also said its US operations were unaffected by the breach because “the computer systems are not linked” to ones used in Australia.
The company called in both the Australian Federal Police and the Australian Cyber Security Centre for “assistance and advice” after uncovering the breach.
“Austal Australia’s Information Systems & Technology (IS&T) team have restored the security and integrity of the company’s data systems and have implemented, and continues to implement, additional security measures to prevent further breaches,” the company said in a statement.
“A small number of stakeholders who were potentially directly impacted have been informed.”
Austal said that the identity of the attacker was still unknown.
However it said the attacker had “purported to offer certain materials for sale on the internet” following the breach.
Austal said the sale of data was an extortion bid and that the company would not take the bait.