Sol Oriens, a US-based nuclear weapons contractor, has become a cyberattack from the REvil ransomware gang. Hackers have said that they will auction the data that was stolen during the attack.
On the other hand, according to the Sol Oriens, the attack is being investigated by a consultancy firm that works with the Department of Energy and National Nuclear Security Administration.
After the news of the cyberattack broke, the Department of Energy’s spokesperson stated that:
“The Department of Energy is aware of the cyberattack against Sol Oriens, a veteran-owned consulting firm whose clients include the Department of Energy and the National Nuclear Security Administration.”
“There is no evidence that any DOE or NNSA data was compromised, and there is no risk or impact to any government systems. We continue to stay in close communication with Sol Oriens.”
About Sol Oriens
Albuquerque, NM based nuclear contractor Sol Oriens claims to help the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs.”
It caters to federal government agencies and offers services like technology management, program management, product engineering, and weapons R&D.
“The investigation is ongoing, but we recently determined that an unauthorized individual acquired certain documents from our systems. Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved,” the company’s spokesperson said.
Sol Oriens statement to us now: “In May 2021, Sol Oriens became aware of a cybersecurity incident that impacted our network environment.” H/t @mcwellons
— Eamon Javers (@EamonJavers) June 10, 2021
REvil to Auction Stolen Data
The previous week, REvil ransomware operations (aka Sodinokibi) disclosed companies’ list of which they planned to auction off to the one with the highest bid. Sol Oriens is among the companies the gang has listed.
REvil states that it has its business and employees’ data, including social security numbers and salary information. To prove that their claims are legit, the group published several images of a hiring overview file, wages report, and payroll documents.
As proof that they stole data during the attack, REvil published images of a hiring overview document, payroll documents, and a wages report. Sol Oriens says that it is currently reviewing the documents and determining the scope of the breach.
Investigation is Underway
According to a statement from the New Mexico-headquartered Sol Oriens, the company has appointed a technology forensics firm and law enforcement to investigate the incident. It further noted that the breach was discovered in May 2021.
After detecting suspicious activity within the company’s network environment, Sol Oriens’ IT team quickly secured the system and recovered priority company systems.
The company has confirmed that there’s no indication that classified or sensitive security-related data or client-related information was revealed, but it will notify impacted individuals and entities after the forensic investigation concludes.