Hackers steal 50GB data, thousands of emails from Iranian nuclear facilities

Data Breach
(Image credit: Shutterstock)

The Iranian Atomic Energy Agency has suffered a data breach that reportedly saw thousands of emails leaked - however both the agency, and the group apparently behind the attack, have their own versions of events.

Reports say the attackers breached an email server belonging to one of the agency’s subsidiaries, accessed 324 inboxes, and stole more than 100,000 emails amounting to some 50GB of data.

Now, according to a press release from the agency itself (roughly translated from Farsi), the threat actor is a foreign player, who stole and leaked the data from its endpoints in desperation and “to attract public attention”. Other than that, the breach holds no value.

Supporting the Mahsa Amini protests

On the other hand, the group behind the attack reached out to the world via Telegram from a domestic hacking group called Black Reward, which says it carried out the assault as an act of support for protesters in Iran.

For more than month now, protests have been raging in Iran, following the death of Mahsa Amini – a young woman who died after being arrested for not adhering to the country’s strict dress code. Allegedly, the group threatened to leak the data online, unless the country’s authorities released political prisoners, and other people arrested during the protests. 

Unlike the agency, which claims the data doesn’t hold any real value, and contains mostly “technical messages and routine and current everyday exchanges,” the group says the data includes "management and operational schedules of different parts of Bushehr power plant", passports and visas of Iranian and Russian specialists working there, and "atomic development contracts and agreements with domestic and foreign partners,” The Register found.

To prove its point, the group started distributing the sensitive data, but recommended interested parties to access it only via a virtual machine, as the agency’s emails are marred with viruses and other malware.

Via: The Register

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.