It has been detected that Anonymous threat actors have shared a breach of the e-mail system security belonging to the Russian-based energy organization Elektrocentromontazh (EMC). Elektrocentromontazh provides electrical installation, transportation, manufacturing, design, and information technology services.

When the share was examined, it was observed that 1.23 million e-mails with a size of 1.7 TB, allegedly belonging to Elektrocentromontazh, were seized by threat actors and shared publicly in torrent file format. The sharing states that local ECM customers include important institutions/organizations such as Novovoronezh, Kursk, and Smolensk Nuclear plants, Moscow Electrical Directorate, the Moscow Government Energy Department, and Baltic oil Pipelines LLC. In addition, it is known that companies such as AREVA GmbH, Schneider Electric, and SIEMENS are among the international customers of ECM.

It is recommended to perform attack surface analysis against critical cyber-attacks that may cause important data disclosures. In addition, it is important to raise awareness of company employees against target-oriented advanced phishing attacks and to use up-to-date services and technologies on corporate devices.