In a post published on a dark web forum, a threat actor known as “ZeroSevenGroup” claims to have gained full network access to servers containing 80 terabytes (TB) of sensitive data from critical Israeli infrastructure. The group claims that this data encompasses vital details across various sectors, including water, oil, gas, power, and electricity, affecting most of the country’s regions and government sectors.
According to the post, the compromised data includes:
- Detailed project information across key infrastructure sectors.
- SCADA systems.
- Sensitive diagrams with specific coordinates for projects and pipelines.
- Comprehensive databases, including customer information, financial records, and other sensitive data.
The ZeroSevenGroup threatened that the data could be used for a wide range of malicious activities. They referenced their previous attack on Toyota, hinting that they could leak the data or use it for ransomware attacks.
The threat actor is offering access to the servers for sale, allowing buyers to inflict further damage or steal the data for their own purposes. Additionally, they are offering to delete the uploaded data from their own servers for the right price.
The post invites interested parties to send a private message to negotiate access or data deletion.