NATO “looking into” supposed data theft by hackers

NATO experts are investigating hacker claims of a data breach involving information supposedly taken from the Communities of Interest (COI) Cooperation Portal.

SiegedSec hackers said they stole unclassified data from COI Cooperation Portal earlier this week. NATO uses the website to share unclassified information between departments and the 31 nation-states that make up the military alliance.

“NATO cyber experts are actively looking into the recent claims associated with its Communities of Interest Cooperation Portal,” the alliance’s spokesperson told Cybernews.

According to cybersecurity firm CloudSEK, the alleged leak consists of 845 MB of compressed data and contains information related to the partnered countries as well as access to user accounts. The dataset also contains nearly 8,000 rows of sensitive data related to the website’s users.

The dataset attackers claim to have stolen allegedly includes users’ full names, company and unit data, working group details, job titles, business email, residence addresses, and user photos.

NATO’s spokesperson said the alliance faces malicious cyber activity on a daily basis and is responding to the issue by continuously strengthening its “ability to detect, prevent, and respond to such activities.”

“NATO’s classified networks are not affected and there is no impact on NATO operations. Investigation and mitigation activities are ongoing by our experts,” the spokesperson explained.

Who are SiegedSec?

Security researchers noted the SiegedSec hacktivist group emerging around the time of the Russian invasion of Ukraine last February. However, whether or not SiegedSec is entirely partisan remains a mystery.

The group targets victims indiscriminately and does not appear to be motivated by money. In February this year, cybersecurity analyst SocRadar claimed that SiegedSec “shows no preference for the industries or locations of its victims.”

SiegedSec has reportedly compromised dozens of companies in a single year, stealing data and leaking emails. The collective’s preferred method of leaking the information it gathers is via various forums or its Telegram channel.

The group claims that it hacked software company Atlassian earlier this year. SiegedSec also targeted the Colombian government in late spring of 2023.

The exact motives behind the group choosing NATO as a target remain unclear. SiegedSec simply said it doesn’t like the alliance on the group’s Telegram channel.