Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA).
The Armed Forces General Staff (Portuguese: Estado-Maior-General das Forças Armadas), or EMGFA, is the supreme military body of Portugal. It is responsible for the planning, command and control of the Portuguese Armed Forces.
Sources of the news agency considered this security breach of extreme gravity, hundreds of Secret and Confidential documents sent by NATO to Portugal are for sale on the darkweb.
The threat actors published samples of the stolen documents as proof of the hack. The documents were spotted by the US Information Services which immediately alerted the U.S. embassy in Lisbon, which warned the Portuguese authorities.
The National Security Office (GNS) and Portugal’s national cybersecurity center launched an investigation into the incident to determine the extent of the data breach.
According to the initial investigation, the documents were exfiltrated from systems in the EMGFA, in the secret military (CISMIL) and in the General Directorate of National Defense Resources.
The investigators discovered that security rules for the transmission of classified documents had been broken, and threat actors were able to access the Integrated System of Military Communications (SICOM) and receive and forward classified documents.