A significant breach has allegedly occurred at GTD System & Software Engineering, a prominent Spanish technology company specializing in high-tech systems for the defense, aerospace, and energy sectors. The company, a key partner for major European defense and aerospace entities like Navantia and Airbus, is deeply involved in critical international military projects. GTD develops sophisticated software and hardware, including combat management systems for naval frigates and armored vehicles, making the potential exposure of its data a matter of serious concern for international security and defense supply chains.
The threat actor claims to have extracted 2.71 GB of sensitive and strategic information directly from the company’s web infrastructure. The data trove is allegedly being sold online and is said to contain highly confidential documents related to major defense projects, including schematics and operational details for the AVANTE 2200 frigates and the VCR 8×8 armored vehicle. The leaked information is said to be subject to International Traffic in Arms Regulations (ITAR), highlighting the critical nature of the compromised files which could offer deep insights into advanced military technologies.
The allegedly leaked dataset is exceptionally detailed, providing a comprehensive look into the company’s operations and technological capabilities. The compromised files reportedly include:
- Technical and Engineering Documents: Detailed design and cabling diagrams, software system specifications for combat management systems, and technical manuals.
- Contracts and Commercial Documents: Contract details with partners like Navantia, including financial terms and confidentiality agreements.
- Logistics and Support Information: Spare parts lists, component lead times, and reliability analysis for military hardware.
- Chemical Material Information (MSDS): Specifications for materials used in military equipment, such as corrosion-resistant coatings.
