Page last updated on April 11, 2024
Garrett Motion Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-08-02 16:05:50 EDT.
Incident Details
Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)
Compromised Date:
Detected Date: 2023-07-28
Disclosure Date: 2023-08-02
Contained Date:
Recovered Date:
Attack Goal: Unknown
Costs: No Costs Tracked (yet)
Filings
8-K filed on 2023-08-02
Garrett Motion Inc. filed an 8-K at 2023-08-02 16:05:50 EDT
Accession Number: 0000950142-23-002128
Item 8.01 Other Events.
On May 31, 2023, Progress Software Corporation (the “Vendor”), a vendor to Garrett Motion, Inc. (“we” or the “Company”), disclosed a previously unknown vulnerability in the Vendor’s MOVEit file transfer software (“MOVEit”) that could enable malicious actors to gain unauthorized access to sensitive files and information. MOVEit is used by thousands of organizations for secure data file transfers and is now the subject of a widely reported cybersecurity event impacting numerous organizations and governmental agencies around the world (the “Vendor Incident”). The Company uses MOVEit for certain secure file transfers supporting its business.
Once the Vendor communicated the vulnerability and provided a patch to all its customers, including Garrett, the Company implemented it immediately. On July 28, 2023, however, the Company became aware that as a result of the Vendor Incident and prior to the Vendor providing a patch, an unauthorized party had gained access to certain data of the Company, as well as certain of its employees and customers. The Company immediately launched an investigation in partnership with third-party cybersecurity experts and notified law enforcement. There has been no interruption to the Company’s systems, services or business operations.
As the result of the Company’s investigations to date, the Company currently believes that the Vendor Incident will have no material adverse effect on its business, operations or financial results. The Company continues to work diligently to investigate the Vendor Incident and its impact on the Company, its business, operations and financial results, including to assess the data that may have been affected. The Company is complying with its legal obligations regarding the incident, including making any appropriate and legally required notifications to employees and customers.
Company Information
| Name | Garrett Motion Inc. |
| CIK | 0001735707 |
| SIC Description | Motor Vehicle Parts & Accessories |
| Ticker | GTX - Nasdaq |
| Website | |
| Category | Large accelerated filer |
| Fiscal Year End | December 30 |