TZUTC: -0500   
   MSGID: 1922.consprcy@1:2320/105 2dc2694c   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   Hackers claim breach of engineering firm, offer sale of info on three major    
   US utilities   
      
   Date:   
   Mon, 05 Jan 2026 20:10:00 +0000   
      
   Description:   
   Investigations are underway but the data seems to be quite valuable.   
      
   FULL STORY   
      
   Pickett and Associates, a Florida-based civil engineering, surveying, and   
   geospatial services firm, has allegedly been hacked and had sensitive client   
   data stolen.    
      
   Earlier this week, cybercriminals posted a new thread on a dark web forum   
   claiming to have stolen more than 800 files from the company. The data, they   
   say, is real, operational engineering data from active projects of major   
   utilities and is suitable for infrastructure analysis and risk assessment.    
      
   Pickett and Associates clients are mostly investor-owned utilities,   
   municipalities, electric cooperatives and mining operations across the United   
   States and the Caribbean, which hire the firm for transmission and   
   distribution design, project management, surveying, aerial mapping, and LiDAR   
   services.   
      
   Selling the database for bitcoin    
      
   While the entire roster of clients is unknown, the miscreants claim to have   
   taken files from - as The Register puts it - some very large American   
   utilities: Tampa Electric Company, Duke Energy Florida, and American Electric   
   Power.    
      
   The files allegedly include more than 800 classified raw LiDAR point cloud   
   files in .las format, full coverage of transmission line corridors and   
   substations (including layers for bare earth, vegetation, conductors, and   
   structures), high-resolution orthophotos in .ecw format, MicroStation design   
   files and PTC settings, large vegetation feature files in .xyz format, and   
   other data.    
      
   The attackers are now selling the stolen files for 6.5 bitcoin, or   
   approximately $600,000.    
      
   Pickett USA decided not to comment on the hackers claims, but Duke Energy    
   told The Register it is currently looking into it.    
      
   "With threats evolving every day, Duke Energy's highly skilled cyber security   
   team works diligently to protect our businesses, systems and information   
   technology assets and responds quickly if a cyber incident occurs," the   
   company told the publication. "We are taking the necessary actions to   
   investigate this claim."    
      
   The same source also claims that this cybercriminal seems to be focusing on   
   energy and other critical infrastructure organizations, since its selling an   
   internal database belonging to Germany's Enerparc AG.    
      
    Via The Register    
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/hackers-claim-breach-of-engineering-fir   
   m-offer-sale-of-info-on-three-major-us-utilities   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: Capitol City Online (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 134 206 275 300 307 317 400 426 428   
   SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200   
   SEEN-BY: 396/45 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12   
   SEEN-BY: 5075/35   
   PATH: 2320/105 229/426