European defence large Naval Group has confirmed that it’s investigating an alleged cyber assault which has seen what purports to be delicate inside information revealed on the web by hackers.
Naval Group builds and maintains an array of ships and submarines for the French navy, together with plane carriers and nuclear submarines. It counts a number of overseas navies amongst its prospects together with India and Brazil.
As such, a safety breach towards the defence contractor ought to be thought of a priority for not simply France’s nationwide safety, however that of different nations as effectively.
The alleged breach first got here to mild after a hacker calling themselves “Neferpitou” put up on the market what they claimed to be roughly 1 TB of Naval Group’s inside information, providing a 13GB free “pattern” of its contents.
The announcement was made in a submit on an underground hacking discussion board.
The information was stated to incorporate supply code associated to fight techniques used on French nuclear submarines and frigates, weapon system software program, simulation environments, community designs, consumer manuals, and inside communications.
Of their discussion board submit on 23 July, Neferpitou stated that Naval Group had 72 hours to make contact or “I am going to leak every thing without spending a dime.” No ransom demand has been made public up to now.
On 25 July, Neferpitou posted an replace sharing a hyperlink to extra element and stated that Naval Group had 24 hours left to contact them.
True to their phrase, the hacker posted once more on Saturday 26 July, sharing a hyperlink to what they claimed was the whole lot of the leaked information, beneath a banner saying “!! ENJOY AND SEE YOU NEXT TIME !!”
In what appears more likely to be a sign of how Neferpitou gained entry, the hacker signed off with the message:
“Be mindful, nothing is really disconnected from Web…”
At this level Naval Group issued a assertion in French and English, saying that it was conscious of the cyber assault declare, and that it had launched a technical investigation supported by a staff of cybersecurity consultants.
The assertion stated that it was analysing and verifying the authenticity of the info that had been shared on-line in what it described as a “reputational assault.”
“At this stage, no intrusion into our IT environments has been detected and there was no affect on our actions,” concluded Naval Group’s advisory.
Final week, Microsoft warned that Chinese language hackers had been actively exploiting a distant code execution vulnerability often known as “ToolShell” in companies’ SharePoint servers.
The vulnerability, recognized technically as CVE-2025-53770, was decided by Bitdefender researchers to have compromised techniques throughout Europe, the Center East, and North America.
Though it has not been confirmed that the supply of Naval Group’s leak was on account of exploitation of an on-premises SharePoint server, what’s plain is that there was an extended historical past of nations breaching the defence infrastructure of different nations to collect intelligence and trigger disruption.
Cybercriminals, whether or not state-sponsored or not, are focused on stealing delicate info which might have greater than a monetary worth.
All companies, no matter whether or not they work within the defence sector or not, can be silly to disregard the risk posed by hackers. It’s important to make sure that your organisation has sturdy defences in place to cut back the danger of a profitable assault.
