Hackers claim breach of engineering firm, offer sale of info on three major US utilities


  • Hackers claim to have stolen 800+ sensitive engineering files from Pickett and Associates, tied to major U.S. utilities
  • Data includes LiDAR point clouds, orthophotos, design files, and transmission corridor maps, now for sale at ~$600,000
  • Duke Energy is investigating; attackers also selling data from Germany’s Enerparc AG, signaling focus on critical infrastructure

Pickett and Associates, a Florida-based civil engineering, surveying, and geospatial services firm, has allegedly been hacked and had sensitive client data stolen.

Earlier this week, cybercriminals posted a new thread on a dark web forum claiming to have stolen more than 800 files from the company. The data, they say, is “real, operational engineering data from active projects of major utilities and is suitable for infrastructure analysis and risk assessment.”

Pickett and Associates’ clients are mostly investor-owned utilities, municipalities, electric cooperatives and mining operations across the United States and the Caribbean, which hire the firm for transmission and distribution design, project management, surveying, aerial mapping, and LiDAR services.

Selling the database for bitcoin

While the entire roster of clients is unknown, the miscreants claim to have taken files from, as The Register puts it, “some very large American utilities”: Tampa Electric Company, Duke Energy Florida, and American Electric Power.

The files allegedly include more than 800 classified raw LiDAR point cloud files in .las format, full coverage of transmission line corridors and substations (including layers for bare earth, vegetation, conductors, and structures), high-resolution orthophotos in .ecw format, MicroStation design files and PTC settings, large vegetation feature files in .xyz format, and other data.

The attackers are now selling the stolen files for 6.5 bitcoin, or approximately $600,000.

Pickett USA decided not to comment on the hackers’ claims, but Duke Energy told The Register it is currently looking into it.

"With threats evolving every day, Duke Energy's highly skilled cyber security team works diligently to protect our businesses, systems and information technology assets and responds quickly if a cyber incident occurs," the company told the publication. "We are taking the necessary actions to investigate this claim."

The same source also claims that this cybercriminal seems to be focusing on energy and other critical infrastructure organizations, since they are also selling an internal database belonging to Germany's Enerparc AG.

Via The Register



Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
