- Hackers claim to have stolen more than 800 sensitive engineering files from Pickett and Associates, a company linked to major US utilities.
- The data includes LiDAR point clouds, orthophotos, design files and transmission corridor maps, now on sale for around $600,000.
- Duke Energy investigates; The attackers also sell data from German company Enerparc AG, indicating that they are focusing on critical infrastructure.
Pickett and Associates, a Florida-based civil engineering, surveying and geospatial services company, was allegedly hacked and had sensitive client data stolen.
Earlier this week, cybercriminals posted a new thread on a dark web forum claiming to have stolen more than 800 files from the company. The data, they say, is “real operational engineering data from active large utility projects and is suitable for infrastructure analysis and risk assessment.”
Pickett and Associates’ clients are primarily investor-owned utilities, municipalities, electric cooperatives, and mining operations throughout the United States and the Caribbean, who use the firm for transmission and distribution design, project management, land surveying, aerial mapping, and LiDAR services.
Sell the database for Bitcoin
Although the full list of customers is unknown, the criminals claim to have stolen files from – as The Register puts it – “very large American utilities”: Tampa Electric Company, Duke Energy Florida and American Electric Power.
The files reportedly include more than 800 raw LiDAR point cloud files filed in .las format, comprehensive coverage of transmission line corridors and substations (including layers of bare earth, vegetation, conductors and structures), high-resolution orthophotos in .ecw format, MicroStation design files and PTC parameters, large vegetation feature files in .xyz format, and other data.
The attackers are now selling the stolen files for 6.5 bitcoins, or around $600,000.
Pickett USA decided not to comment on the hackers’ claims, but Duke Energy told The Register it is currently looking into the matter.
“With threats evolving every day, Duke Energy’s highly skilled cybersecurity team works diligently to protect our businesses, systems and IT assets and responds quickly if a cyber incident occurs,” the company told the publication. “We are taking the necessary steps to investigate this allegation.”
The same source also claims that this cybercriminal appears to focus on organizations in the energy sector and other critical infrastructure, since it sells an internal database belonging to the German Enerparc AG.
Via The register
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
