Zoom In IconArrows pointing outwards
The hacker group REvil has become a headache for a new victim: a 50-person firm based in Albuquerque that consults with the federal government on security-related projects.
Sol Oriens, which consults for the U.S. Department of Energy’s National Nuclear Safety Administration, confirmed to CNBC that it became aware of the “cybersecurity incident” in May, its investigation is ongoing and law enforcement has been notified.
In a statement, the company said it “recently determined that an unauthorized individual acquired certain documents from our systems. Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”
Sol Oriens did not name the attacker or confirm that it was ransomware, but CNBC has learned that the well-known hacker group REvil was responsible for the attack, according to cybersecurity sources.
One cybersecurity firm, which has seen documents posted on the dark web, told CNBC that they include invoices for NNSA contracts, descriptions of research and development projects managed by defense and energy contractors dated as recently as 2021 and wage sheets containing full names and social security numbers of Sol Oriens employees.
Sol Oriens said that it has