The Cicada3301 ransomware group has allegedly targeted Chemical & Industrial Engineering, Inc. (C&I Engineering), a prominent US-based firm specializing in engineering and project management services for various industrial sectors. Headquartered in Louisville, Kentucky, C&I Engineering is a key player in the chemical, oil & gas, and manufacturing industries. The threat actor claims to have exfiltrated over 700 GB of sensitive data from the company’s servers and has begun leaking samples to support their claims.
The preliminary analysis of the leaked files suggests a significant data breach, allegedly exposing a wide range of confidential corporate and personal information. The attackers claim the data contains sensitive material, including trade secrets and documents related to regulatory compliance. If the claims are substantiated, the breach could have severe consequences for the company, its employees, and its clients.
The allegedly leaked data includes:
- Detailed employee salary, bonus, and pay change records
- Internal financial documents, including accounts payable reports and bank statements
- Confidential project proposals and capital cost estimates
- Tax documents and correspondence with accounting firms
- Corporate credit card transaction logs
