Pietro Melillo : 28 June 2024 19:47
A malicious actor released sensitive data (presumably) belonging to COI Cooperation Portal, a sharing and collaborative environmente for non classified NATO documents. This comprehensive portal is dedicated to supporting NATO organizations, nations, and partners, along with public administrations and industries across PfP (Partnership for Peace) countries.
The data leak seems to include a list of 362 members, including information like full name, email, organizzation and some non-classified documents. As usual everything have been posted on BreachForum from an user with natohub as alias.
Natohub posted a link that permits to download sample files without password.
The sample data includes members from various organizations affiliated with NATO’s COI. These members have professional email addresses and represent government entities that have been leaked in the sample.
Although not confidential documents, the privacy and security flaw of NATO’s internal communications could lead to worst attacks. The information provided by natohub could be used to perform phishing attacks, social engineering and other unwanted actions againt NATO’s members.
As is our custom, we always leave room for a statement from the company should it wish to give us updates on the matter. We will be happy to publish such information with a specific article highlighting the issue from the victim side.
RHC will monitor the development of the matter so as to publish further news on the blog if there is substantial news. If there are persons with knowledge of the facts who would like to provide information anonymously, they can use the encrypted whistleblower email.
Pietro Melillo