{ "id": "98197327-f135-43e1-9c77-b8a14f19208c", "created_at": "2026-04-06T00:21:17.156607Z", "updated_at": "2026-04-10T03:28:17.511094Z", "deleted_at": null, "sha1_hash": "04910b60b0ecffba0637671ebc0894f8bc6e90c9", "title": "CySecurity News - Latest Information Security and Hacking Incidents: Missile Supplier MBDA Breach Disclosed by CloudSEK", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 76868, "plain_text": "CySecurity News - Latest Information Security and Hacking\r\nIncidents: Missile Supplier MBDA Breach Disclosed by CloudSEK\r\nBy CySecurity News, twitter.com/ehackernews\r\nArchived: 2026-04-05 13:16:38 UTC\r\nIn July, a threat actor operating by the online alias Adrastea claimed to have breached MBDA. The threat actor\r\ndescribes itself as a team of independent cybersecurity experts and researchers.\r\nAccording to Adrastea, they have taken 60 GB of sensitive data and discovered significant flaws in the\r\norganization's infrastructure. As per attackers, the stolen material includes details about the remaining workforce\r\nparticipating in military programs, business ventures, contract agreements, and correspondence with other\r\nbusinesses.\r\nA new advisory about the suspected hacking campaign against MBDA has been published by security researchers\r\nat CloudSEK. The blog site, posted on Sunday, claimed that CloudSEK's researchers were successful in locating\r\nand decrypting the password-protected ZIP file holding the evidence for the data breach. \r\nThe hackers uploaded a post in which the password to unlock the file was mentioned. Two folders with the names\r\n'MBDA' and 'NATO Diefsa' were included in the ZIP file.\r\nhttps://www.cysecurity.news/2022/11/missile-supplier-mbda-breach-disclosed.html\r\nPage 1 of 2\n\nThe folder, according to the security professionals, contained files outlining the private personally identifiable\r\ninformation (PII) of MBDA's employees as well as numerous standard operating procedures (SOPs) supporting\r\nthe need for NATO's Counter Intelligence to prevent threats related to terrorism, espionage, sabotage, and\r\nsubversion (TESS).\r\nThe SOPs define NATO collection and plan functions, roles, and practices utilized in support of NATO operations\r\nand exercises. According to CloudSEK, \"the SOPs also contain all IRM \u0026 CM (Intelligence Requirement\r\nManagement and Collection Management) process activities that result in the successful and efficient execution of\r\nthe intelligence cycle.\" \r\nInternal drawings of missile system wiring diagrams, electrical schematic diagrams, and records of actions\r\nconnecting the MBDA to the European Union's Ministry of Defence were also apparently included in the retrieved\r\npapers. \r\nThe cybersecurity firm made it clear that Adrastea's reputation as a threat actor is currently poor due to the\r\nnumerous objections and concerns noted in the dark web forums where hackers purportedly posted the MBDA\r\nmaterial. \r\nFurthermore, as this is the group's first known activity, it is challenging to determine whether the material posted\r\nis accurate. \r\nSource: https://www.cysecurity.news/2022/11/missile-supplier-mbda-breach-disclosed.html\r\nhttps://www.cysecurity.news/2022/11/missile-supplier-mbda-breach-disclosed.html\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "MISPGALAXY", "Malpedia" ], "references": [ "https://www.cysecurity.news/2022/11/missile-supplier-mbda-breach-disclosed.html" ], "report_names": [ "missile-supplier-mbda-breach-disclosed.html" ], "threat_actors": [ { "id": "b8963354-6ff9-4ffe-b6e7-763f6d9858ac", "created_at": "2024-06-25T02:00:05.038351Z", "updated_at": "2026-04-10T02:00:03.658601Z", "deleted_at": null, "main_name": "Adrastea", "aliases": [], "source_name": "MISPGALAXY:Adrastea", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434877, "ts_updated_at": 1775791697, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/04910b60b0ecffba0637671ebc0894f8bc6e90c9.pdf", "text": "https://archive.orkl.eu/04910b60b0ecffba0637671ebc0894f8bc6e90c9.txt", "img": "https://archive.orkl.eu/04910b60b0ecffba0637671ebc0894f8bc6e90c9.jpg" } }