Hackers Attack Nuclear Site And Steal 50GB Of Data Including 100K Emails

hackers attack nuclear site steal data news
Over the weekend, a group of Iranian hackers stole a trove of files from a nuclear technology agency. However, rather than comprising a state-backed hacking group, the hackers in question identify as anti-regime hacktivists who operate under the name “Black Reward.” The group claims to have stolen at least 50 GB of files from the Nuclear Power Production and Development (NPPD) Company of Iran, a subsidiary of the Atomic Energy Organization of Iran (AEOI).

This data breach appears to have impacted the NPPD company email server, as Black Reward claims to have accessed 324 email inboxes and exfiltrated over 100,000 email messages. Shortly after announcing the data breach, the hacktivist group publicly shared the full 50 GB collection of stolen emails on Telegram, but warned against downloading and viewing the files without taking precautionary security measures. According to Black Reward, the email trove includes lots of spam and phishing messages with malicious attachments.

bushehr nuclear power plant news
Bushehr nuclear power plant in Iran (source: Tasnim News Agency)

Two days after posting the initial data dump, the hacktivist group shared a truncated version of the database with most of the spam and phishing messages removed. While preparing this second version of the stolen files, the hackers surfaced video footage showing what looks to be the inside of an Iranian nuclear facility. Beyond this video footage, Black Reward claims to have discovered private conversations with the International Atomic Energy Agency (IAEA), contracts and agreements with domestic and foreign partners, construction, logistics, and strategic plans, information and documentation concerning Iran’s Bushehr nuclear power plant, and passports and visas belonging to Iranian and Russian specialists who work in the power plant, as well as related trip and mission details.

The Atomic Energy Organization of Iran has published a response to the data breach, rejecting the view that any valuable data was stolen. The organization instead portrays the incident as little more than a publicity stunt meant to draw attention and foment negative media narratives.