A threat actor has allegedly offered a database for sale containing 25 GB of sensitive information purportedly belonging to the Iranian Nuclear Program. The data was advertised on a dark web forum and appears to originate from the Atomic Energy Organization of Iran, a government body central to the nation’s nuclear activities. The breach’s significance is underscored by sample data which includes documents and logs from the Bushehr Nuclear Power Plant, Iran’s first and only operational nuclear power station. This facility is a critical piece of national infrastructure, making the potential exposure of its internal data a matter of high concern.
The seller claims the compromised database contains a wide range of sensitive information. The actor advertised that the leak includes detailed personnel and operational data. The exposure of such specific information could present significant security risks, potentially revealing the inner workings of the facility and details about its employees. The sample files shared by the threat actor to substantiate their claims appear to show detailed operational logs, technical specifications, and internal staff records.
The allegedly leaked data includes:
- Full Names
- Email Addresses
- Employee IDs
- Documents related to the scope of the Nuclear Program
