Ukraine InvasionCybersecurityEnergyTravel IndustryAutos

NATO investigates online sale of classified military data, including blueprints of weapons being used in Ukraine

August 26, 2022, 12:35 PM UTC
Flags of member countries at NATO headquarters, in Brussels, April 2022.
Dursun Aydemir—Anadolu Agency/Getty Images

NATO is probing the sale of documents online that are being advertised by hackers as classified military files.

The BBC reports that a criminal group is touting what it claims are top secret files stolen from European weapons manufacturer MBDA Missile Systems.

Among the documents for sale are blueprints of weapons being used by NATO allies in the war in Ukraine: files labeled “NATO Confidential,” “NATO Restricted,” and “Unclassified Controlled Information,” according to the BBC, which was given access to a sample of the data.

A NATO official told Fortune on Friday: “We are assessing claims relating to data allegedly stolen from MBDA.

“We have no indication that any NATO network has been compromised,” the official added. “NATO takes all the necessary measures to keep our networks safe.”

Missile systems manufacturer MBDA counts NATO as one of its clients. The company has operations across Europe and the United States.

The MBDA files being sold reportedly specify details of a “communications intelligence” operation a U.S. air regiment carried out over the Baltics in 2020—including the full name, phone number, and coordinates of someone said to have been at the center of the mission.

Hackers also gave BBC reporters access to additional documents labeled “NATO Secret.”

NATO has four security classification levels: NATO Restricted, NATO Confidential, NATO Secret, and Cosmic Top Secret.

Cosmic Top Secret is the highest security clearance level given to documents by the military alliance.

Dispute over data contents

MBDA has not disputed being targeted by hackers.

However, the company has insisted since the data breach several weeks ago that the stolen information is “neither classified data nor sensitive,” refuting the hackers’ claims about what they are selling.

“No hacking of our secure networks has occurred,” a spokesperson for the company told Fortune on Friday. “MBDA can confirm that there is no protectively marked data from MBDA involved.”

The data was stolen from an external hard drive, the company said, as opposed to its more sensitive information systems.

“Following the company’s refusal to yield to this blackmail threat and pay a ransom demand, the criminal group has spread information on the internet, making it accessible for a payment,” MBDA said in a statement four weeks ago. “The company will take all possible legal actions in the face of what is a criminal act of blackmail.”

It said it was complying with Italian authorities, who were investigating the data breach.

Sign up for the Fortune Features email list so you don’t miss our biggest features, exclusive interviews, and investigations.