A hacking group has allegedly breached a company described as being responsible for Indian nuclear reactors and chemicals. The threat actors have publicly claimed responsibility for the significant cyberattack, asserting that they have exfiltrated a large volume of sensitive data from the firm Chemicals Nuclear. The incident highlights the growing threat of cyberattacks against critical national infrastructure and raises alarms about the potential exposure of highly confidential state-related information.
The attackers have put the allegedly stolen information up for sale on a dark web forum. According to their post, they are selling 17 databases with a total size of 5.2 GB, claiming this is only a fraction of the more than 80 databases they have obtained. To prove their claims, the group has also leaked a sample file containing a list of chemicals and other data. The sale of this information to malicious actors could pose a severe threat to public safety and national security.
The list of allegedly compromised data is extensive and contains highly sensitive details about the company’s operations and personnel. The threat actors claim the stolen databases include the following:
- Precise locations of nuclear reactors
- Chemical laboratory locations
- Accurate information about all employees
- Email addresses
- Passwords
- Accurate information about guards
- Guard schedules and shifts
- Industrial and engineering information about nuclear reactors
- Highly sensitive financial records
- Employment ID numbers
- Other sensitive data related to infrastructure
