A threat actor, IntelBroker, has purportedly leaked the database of Space-Eyes, a provider of on-demand tasking to a Synthetic Aperture Radar satellite. Their services, which integrate collections across all weather and lighting conditions with contextual data, are primarily focused on analyzing threats in the maritime domain. The breach, allegedly occurring in April 2024, exposed highly sensitive documents pertinent to national security within the US government. Notably, Space-Eyes’ exclusive clientele includes entities such as the US Department of Justice, Department of Homeland Security, various branches of the US military, the Defense Science and Technology Agency, the US Space Force, and the National Geospatial-Intelligence Agency.
As a purported demonstration of the breach, the threat actor claims to have shared samples from two CSV files, labeled “DENIED_PERSON.csv” and “PTUSER.csv”. These files purportedly contain sensitive data such as denied person details, including names, addresses, effective and expiration dates, and user information like IDs, names, titles, contact details, passwords, and organizational affiliations.