NATO’s IT team is currently conducting an investigation into an alleged data-theft hack on its Communities of Interest (COI) Cooperation Portal by a hacking group called SiegedSec. The COI Portal serves as a vital unclassified information-sharing and collaboration environment for supporting NATO organizations and member nations.
SiegedSec claimed on Telegram that they had stolen hundreds of documents from the portal, prompting cybersecurity company CloudSEK to analyze the leaked data, revealing 845MB of files, 8,000 rows of user-related sensitive information, unclassified documents, and user account access details.
The leaked data includes personal details such as full names, company or unit affiliations, working group information, job titles, business email IDs, residence addresses, and even photographs.
CloudSEK’s analysis indicates that the data breach, if confirmed, affects 31 member nations of the NATO alliance. NATO officials have acknowledged the claims and are actively investigating the incident, as they face continuous cyber threats and strive to strengthen their ability to detect, prevent, and respond to such attacks.
SiegedSec, known for previous hacks like a breach on software company Atlassian, appears to be driven more by hacktivism than financial motives. They have a history of leaking sensitive information, and their attack on the COI portal is said to be in protest against alleged human rights violations by NATO member countries. They explicitly state that the attack is unrelated to the conflict between Russia and Ukraine and is instead a retaliation against NATO nations.
The hackers emphasized that the motive also involves a desire to cause chaos and make a statement, suggesting that the leak of documents is, in their view, enjoyable.
