Alleged AMCOM Data Breach Exposes Military Docs On Dark Web

The AMCOM data leak on BreachForums by IntelBroker exposed technical documents and images of Boeing CH-47F Chinook and Sikorsky H-60 Black Hawk helicopters.

by Ashish Khaitan June 20th, 2024

The U.S. Army Aviation and Missile Command (AMCOM), based at Redstone Arsenal, Alabama, has been spotlighted following an alleged data breach claimed by a prolific dark web hacker.

The AMCOM data breach, which the threat actor announced on June 16, 2024, but which occurred in August 2023, involved the unauthorized release of critical documents related to key military aircraft.

The US Army Aviation and Missile Command (AMCOM) plays a pivotal role in supporting the U.S. Army by managing the development, acquisition, and sustainment of aviation and missile systems. It ensures the operational readiness of these systems, provides logistical support and maintains the supply chain critical for defense operations.

Decoding the AMCOM Data Breach Claims

The AMCOM data leak, disclosed on BreachForums by a user known as IntelBroker, exposed detailed technical documents and images about the Boeing CH-47F Chinook and Sikorsky H-60 Black Hawk helicopters. IntelBroker, a moderator on the platform, claimed responsibility for the leak, stating, “Today, I’m releasing the U.S. Army Aviation and Missile Command data breach.”

The Cyber Express reached out to the U.S. Army Aviation and Missile Command to learn more about the authenticity of the AMCOM data breach. However, at the time of writing, no official statement or response has been received, leaving the claims about the AMCOM data leak unconfirmed.

Moreover, the AMCOM website appears operational, suggesting the breach may have targeted specific backend systems rather than impacting public-facing services, as DDoS attacks or website defacements would.

IntelBroker and the Recent Exploits 

IntelBroker, a notorious threat actor known for orchestrating multiple high-profile data breaches, recently claimed responsibility for infiltrating Apple’s security infrastructure. This assertion follows their previous claims of breaching organizations like Advanced Micro Devices (AMD), where sensitive data such as customer databases and source code was compromised.

The cybercriminal has a track record of targeting prominent entities, including government agencies such as Europol and the U.S. State Department, as well as major corporations including Barclays Bank, Facebook Marketplace, and Home Depot.

In the latest incident, IntelBroker purportedly accessed the source code of three internal tools utilized by Apple: AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin. While Apple has not confirmed the breach, reports from tech news outlets detailed claims made on BreachForums suggesting a June 2024 data breach on Apple.com facilitated by IntelBroker.

The threat actor’s activities highlight the ongoing challenges in cybersecurity and expose vulnerabilities across diverse sectors and institutions globally.
