- Hackers claim to have stolen more than 800 confidential engineering files from Pickett and Associates, linked to major US utilities.
- Data includes LiDAR point clouds, orthophotos, design files, and transmission corridor maps, now on sale for ~$600,000.
- Duke Energy is investigating; The attackers also sell data from Germany’s Enerparc AG, indicating they are targeting critical infrastructure.
Pickett and Associates, a Florida-based geospatial, surveying and civil engineering services company, was allegedly hacked and had confidential client data stolen.
Earlier this week, cybercriminals posted a new thread on a dark web forum claiming to have stolen more than 800 company files. The data, they say, is “real operational engineering data from active projects of major utilities and is suitable for infrastructure analysis and risk assessment.”
Pickett and Associates’ clients are primarily investor-owned utilities, municipalities, electric cooperatives, and mining operations in the United States and the Caribbean, who contract with the firm for transmission and distribution design, project management, surveying, aerial mapping, and LiDAR services.
Sell the database for bitcoin.
While the full list of customers is unknown, the bad actors claim to have taken files from, as The Register puts it, “some very large American utilities”: Tampa Electric Company, Duke Energy Florida and American Electric Power.
The files reportedly include more than 800 classified raw LiDAR point cloud files in .las format, complete coverage of substations and transmission line corridors (including layers of bare earth, vegetation, conductors and structures), high-resolution orthophotos in .ecw format, MicroStation design files and PTC configurations, large vegetation feature files in .xyz format, and other data.
The attackers are now selling the stolen files for 6.5 bitcoins, or approximately $600,000.
Pickett USA decided not to comment on the hackers’ claims, but Duke Energy told The Register it is currently investigating it.
“As threats evolve every day, Duke Energy’s highly skilled cybersecurity team works diligently to protect our businesses, systems and information technology assets and responds quickly if a cyber incident occurs,” the company told the publication. “We are taking the necessary steps to investigate this claim.”
The same source also states that this cybercriminal appears to focus on energy organizations and other critical infrastructure, as it sells an internal database belonging to the German company Enerparc AG.
Through The Registry
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
