- Hackers claim to have stolen more than 800 sensitive technical files from Pickett and Associates, linked to major US utilities
- Data includes LiDAR point clouds, orthophotos, design files and transmission corridor maps, now on sale for ~$600,000
- Duke Energy Investigates; Attackers are also selling data from Germany’s Enerparc AG, signaling a focus on critical infrastructure
Pickett and Associates, a Florida-based engineering, surveying and geospatial services firm, has reportedly been hacked and had sensitive client data stolen.
Earlier this week, cybercriminals posted a new thread on a dark web forum claiming to have stolen more than 800 files from the company. The data, they say, is “real, operational engineering data from active projects of major utilities and is suitable for infrastructure analysis and risk assessment.”
Pickett and Associates’ clients are mostly investor-owned utilities, municipalities, electric cooperatives and mining operations across the United States and the Caribbean, which hire the firm for transmission and distribution design, project management, surveying, aerial mapping and LiDAR services.
Selling the database for bitcoin
While the full list of clients is unknown, the miscreants claim to have taken files from — as The Register puts it — “some very large U.S. utilities”: Tampa Electric Company, Duke Energy Florida and American Electric Power.
The files reportedly include more than 800 classified raw LiDAR point cloud files in .las format, full coverage of transmission line corridors and substations (including layers for bare soil, vegetation, conductors and structures), high-resolution orthophotos in .ecw format, MicroStation design files and PTC settings, large vegetation feature files in .
The attackers are now selling the stolen files for 6.5 bitcoin, or approximately $600,000.
Pickett USA decided not to comment on the hackers’ claims, but Duke Energy told The Register that it is currently investigating.
“With threats evolving every day, Duke Energy’s highly skilled cybersecurity team works diligently to protect our businesses, systems and information technology assets and respond quickly if a cyber incident occurs,” the company told the publication. “We are taking the necessary steps to investigate this allegation.”
The same source also claims that this cybercriminal appears to be targeting energy and other critical infrastructure organizations as it sells an internal database belonging to Germany’s Enerparc AG.
Via The register
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
