Wind River Security Incident Exposed Personnel Records, SSNs, Passport Numbers


Wind River Systems, on Friday, cautioned of a "security incident" that had exposed personnel records. Wind River Systems, otherwise called Wind River, is an Alameda, California-based entirely owned subsidiary of TPG Capital. Wind River Systems was formed by a partnership of Jerry Fiddler and Dave Wilner. In 2009, Wind River was obtained by Intel. In 2018, Intel spun out its Wind River division, which was then acquired by TPG Capital. The organization creates embedded system software consisting of run-time software, industry-explicit software, simulation technology, development tools, and middleware.

One or more files were downloaded from the organization's network on or about September 29, 2020, it said. “We have been working with law enforcement and outside experts to investigate a security incident that occurred toward the end of September,” as per the security-incident notice, recorded with California's Attorney General as a part of the state's data breach notification requirements. “We have no indication that any information in these files has been misused.” 

Wind River said that the full scope of data affected incorporates dates of birth, SSNs, social insurance, driver's license or public national identification numbers, passport or visa numbers, health data, or financial account information. However, details regarding the specific health data that was affected remain unclear. If accessed, this sort of information can give cybercriminals the tools that they need for identity-theft attacks, phishing tricks, and more. It's indistinct as to how many people were affected, and if those affected incorporate any customers. As of 2018, the organization had 1,200 workers. What’s also not stated is the context around how the files were downloaded from Wind River's network. 

The organization said in its notice that it doesn't know about any “actual or attempted misuse” of individual data as a result of the event. “Recent searches by our experts did not uncover any of these files online,” as indicated by Wind River. The organization said that it has installed extra security monitoring tools and implemented new processes as a result of the incident. Meanwhile, it is advising those affected to stay vigilant by observing their credit reports.