Security News > 2021 > February > Wind River Security Incident Affects SSNs, Passport Numbers

Wind River Systems, which develops embedded system software, on Friday warned of a "Security incident" that had exposed personnel records.

Alameda, Calif.-based Wind River develops software for embedded systems, such as Wind River Linux, its embedded Linux development platform.

Wind River said that the full scope of information affected includes dates of birth, SSNs, social insurance, driver's license or national identification numbers, passport or visa numbers, health information or financial account information.

Wind River said it "Will continue to focus on improving the cyber-resiliency and security posture of our company."

Wind River has previously dealt with various security incidents.

In 2019, researchers said that Wind River VxWorks versions that include the IPnet stack are affected by a group of bugs collectively called "URGENT/11." In 2015, a TCP prediction vulnerability was found in Wind River's widely deployed VxWorks embedded software that could enable an attacker to disrupt or spoof the TCP connections to and from target devices.

News URL

https://threatpost.com/wind-river-security-incident-ssns-passport-numbers/163550/