Acuity Data Breach: Attackers Claim to Have Leaked Federal Agents’ Data and Classified Documents

A group of attackers has claimed to have breached Acuity, a tech consulting firm that works with national and public safety authorities. The attackers allegedly leaked federal agents’ data and classified documents, which were posted on a popular data leak forum used by cybercriminals.

The attackers boasted about their breach, stating, “Today, I am releasing the documents belonging to the Five Eyes Intelligence Group. This data was obtained by breaching into Acuity Inc., a company that works directly with the US Government and its allies.”

However, Acuity’s CEO, Rui Garcia, denies that any recent sensitive data was taken from their system. Garcia explained that the cybersecurity incident was related to GitHub repositories containing dated and non-sensitive information, which was promptly addressed following vendor guidance.

The Cybernews research team investigated the leaked data sample and found that while it may contain some sensitive information, the scale of the leak may be exaggerated. The data dump had formatting issues that made it incompatible with SQL, suggesting it could be test data. The database contained 650 unique email addresses, some of which were misspelled.

The alleged breach was carried out by a trio of attackers, with one known as IntelBroker, who has targeted high-profile entities in the past. The leaked details reportedly include information on employees from federal agencies like the FBI, State Department, and Department of Homeland Security, as well as classified information shared between the US and its allies.

While the leaked documents appear to be sensitive, their authenticity cannot be verified. Acuity is working with law enforcement and implementing additional security measures to protect its operations and clients’ data.