The Anubis ransomware group has allegedly breached TRAF Industrial Products Inc., a critical Canadian contractor for the global aerospace and defense industries. Based in Saint-Laurent, Quebec, TRAF has been a specialized machine shop since 1987, providing precision-machined components for major international corporations, including Boeing, Airbus, Lockheed Martin, Bombardier, and Pratt & Whitney. The company plays a significant role in the supply chain for commercial and military projects, manufacturing over 1,600 unique products for its high-profile clients.
The threat actors claim to have exfiltrated a vast amount of sensitive corporate and personal data, which they have threatened to release publicly. Screenshots shared by the group suggest the breach includes highly confidential information. The compromised data allegedly contains technical documentation, financial records, and the personal information of employees, including passports, contracts, and social insurance numbers. The leak also appears to contain proprietary agreements with clients like Boeing, highlighting the potential gravity of the breach for national and international security interests.
The data was allegedly stolen from the company’s network and has been organized into several categories. The folder structure of the leaked data purportedly includes:
- STANDARDS
- ADMINISTRATION
- HUMAN-RESSOURCES
- MARKETING
- QUOTATION
- PROCUREMENT
- MANUFACTURING
- QUALITY
- SALES
- CGP
- IT
