The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries’ email servers was hacked after the ”Black Reward’ hacking group published stolen data online.
AEOI says an unauthorized party from a specific foreign country, which is not named, stole emails from the hacked server, which consisted of daily correspondence and technical memos.
The agency says it immediately took the necessary preventive measures to mitigate the results of this incident and informed all concerned parties and officials to be prepared for potential exploitation attempts.
AEIO says that the purpose of the breach and the data leak was to attract public attention and smear the image of AEOI in the media.
“It is obvious that the purpose of such illegal efforts, which are carried out out of desperation, is to attract public attention, create media atmospheres, and psychological operations, and lack any other value,” reads the machine-translated AEOI statement.
‘Black Reward’ leak
The hacker group responsible for the attack calls itself ‘Black Reward’ and has leaked some of the stolen data on their Telegram channel.
There, Black Reward posted a 27GB 14-part collection of RAR archives allegedly containing 85,000 email messages characterized as “perfect for researchers.”
The hackers claim to have scrutinized the collection before publication, removing all marketing messages and spam emails and keeping only the valuable content.
The leaked data includes alleged passports and visas of Iranian and Russians working with the agency, power plant status and performance reports, contracts, and technical reports.
The threat actors’ message ends with an oblation to Mehsa Amini, the young woman who died in the custody of Iran’s “moral” police force.
The event pushed the country’s people into a month-long uprising against the ruling theocratic regime, which responded with violent crackdowns and censorship.
The hackers’ message is signed “For women, life, freedom,” giving the email server breach and data leak action the character of hacktivism.