CyberScoop reports that the U.S. Defense Counterintelligence and Security Agency has begun an investigation into the ALPHV/BlackCat ransomware operation's alleged compromise of sensitive military-related data as part of its attack against Virginia-based IT services firm Technica.
Technica had 300GB of data stolen during the attack, according to ALPHV/BlackCat, which also posted screenshots showing documents with individuals' names, clearance levels, designations, and Social Security numbers, as well as contracts for various government agencies, invoices, and data about government contractors.
"The Defense Counterintelligence and Security Agency is aware of the allegations of this incident and is coordinating with the appropriate law enforcement and security officials to address concerns," said Defense Department spokesperson Sue Gough.
Meanwhile, Recorded Future ransomware researcher Allan Liska emphasized the severity of ALPHV/BlackCat's claims.
"Even if there aren't classified documents per se, there is a lot of sensitive data that can be garnered from even confidential or sensitive documents," noted Liska, who wanted about the potential use of compromised data in nation-state attacks.