Natohub claims attack on NATO’s COI. Potential data loss of 362 members

Pietro Melillo : 28 June 2024 19:47

A malicious actor released sensitive data (presumably) belonging to COI Cooperation Portal, a sharing and collaborative environmente for non classified NATO documents. This comprehensive portal is dedicated to supporting NATO organizations, nations, and partners, along with public administrations and industries across PfP (Partnership for Peace) countries.

The data leak seems to include a list of 362 members, including information like full name, email, organizzation and some non-classified documents. As usual everything have been posted on BreachForum from an user with natohub as alias.

Breach’s Details

Vuoi diventare un Ethical Hacker?
Non perdere i nostri corsi e scrivi subito su WhatsApp al numero
375 593 1011  per richiedere informazioni dicendo che hai trovato il numero sulle pagine di Red Hot Cyber

Supporta RHC attraverso:

• L'acquisto del fumetto sul Cybersecurity Awareness
• Seguendo RHC su WhatsApp
• Seguendo RHC su Telegram
• Scarica gratuitamente "Dark Mirror", il report sul ransomware di Dark Lab

Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.

Natohub posted a link that permits to download sample files without password.

The sample data includes members from various organizations affiliated with NATO’s COI. These members have professional email addresses and represent government entities that have been leaked in the sample.

Although not confidential documents, the privacy and security flaw of NATO’s internal communications could lead to worst attacks. The information provided by natohub could be used to perform phishing attacks, social engineering and other unwanted actions againt NATO’s members.

As is our custom, we always leave room for a statement from the company should it wish to give us updates on the matter. We will be happy to publish such information with a specific article highlighting the issue from the victim side.

RHC will monitor the development of the matter so as to publish further news on the blog if there is substantial news. If there are persons with knowledge of the facts who would like to provide information anonymously, they can use the encrypted whistleblower email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"