Enerparc AG and Pickett and Associates: Hackers claim breach of engineering firm, offer sale of info on three major US utilities

Cybercriminals Claim Theft of 800+ Sensitive Engineering Files from U.S. Utilities Firm

Hackers have allegedly stolen over 800 sensitive engineering files from Pickett and Associates, a Florida-based civil engineering and geospatial services firm, and are offering the data for sale on a dark web forum for 6.5 bitcoin (≈$600,000). The compromised files include LiDAR point clouds, orthophotos, transmission corridor maps, design files, and vegetation feature data, reportedly tied to major U.S. utilities.

Among the affected clients are Tampa Electric Company, Duke Energy Florida, and American Electric Power, though the full list remains undisclosed. The stolen data—used for infrastructure analysis and risk assessment—includes raw LiDAR files (.las), high-resolution orthophotos (.ecw), MicroStation design files, and detailed transmission line corridor mappings covering bare earth, vegetation, conductors, and substations.

Duke Energy confirmed it is investigating the claims, stating its cybersecurity team is taking "necessary actions" to assess the incident. The same threat actor is also selling an internal database from Germany’s Enerparc AG, suggesting a broader focus on critical infrastructure targets.

Pickett and Associates has not commented on the breach. The incident underscores growing cyber threats to energy sector supply chains and operational security.

Source: https://www.techradar.com/pro/security/hackers-claim-breach-of-engineering-firm-offer-sale-of-info-on-three-major-us-utilities

Enerparc AG TPRM report: https://www.rankiteo.com/company/enerparc-inc-

Pickett and Associates TPRM report: https://www.rankiteo.com/company/pickett-&-associates-inc-

"id": "enepic1767646937",
"linkid": "enerparc-inc-, pickett-&-associates-inc-",
"type": "Breach",
"date": "1/2026",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"
{'affected_entities': [{'customers_affected': 'Investor-owned utilities, '
                                              'municipalities, electric '
                                              'cooperatives, and mining '
                                              'operations across the United '
                                              'States and the Caribbean',
                        'industry': 'Engineering, Utilities',
                        'location': 'Florida, USA',
                        'name': 'Pickett and Associates',
                        'type': 'Civil Engineering, Surveying, and Geospatial '
                                'Services Firm'},
                       {'industry': 'Energy',
                        'location': 'USA',
                        'name': 'Tampa Electric Company',
                        'type': 'Utility'},
                       {'industry': 'Energy',
                        'location': 'USA',
                        'name': 'Duke Energy Florida',
                        'type': 'Utility'},
                       {'industry': 'Energy',
                        'location': 'USA',
                        'name': 'American Electric Power',
                        'type': 'Utility'},
                       {'industry': 'Renewable Energy',
                        'location': 'Germany',
                        'name': 'Enerparc AG',
                        'type': 'Energy Company'}],
 'data_breach': {'data_exfiltration': True,
                 'file_types_exposed': ['.las',
                                        '.ecw',
                                        '.xyz',
                                        'MicroStation design files',
                                        'PTC settings'],
                 'number_of_records_exposed': '800+ files',
                 'sensitivity_of_data': 'High (operational engineering data '
                                        'from active projects)',
                 'type_of_data_compromised': ['LiDAR point clouds (.las '
                                              'format)',
                                              'Orthophotos (.ecw format)',
                                              'MicroStation design files',
                                              'PTC settings',
                                              'Vegetation feature files (.xyz '
                                              'format)',
                                              'Transmission line corridors and '
                                              'substations data']},
 'description': 'Hackers claim to have stolen more than 800 sensitive '
                'engineering files from Pickett and Associates, a '
                'Florida-based civil engineering, surveying, and geospatial '
                'services firm. The data includes LiDAR point clouds, '
                'orthophotos, design files, and transmission corridor maps, '
                'now being sold for approximately $600,000. The breach affects '
                'major U.S. utilities and critical infrastructure projects.',
 'impact': {'data_compromised': '800+ sensitive engineering files including '
                                'LiDAR point clouds, orthophotos, design '
                                'files, and transmission corridor maps'},
 'initial_access_broker': {'data_sold_on_dark_web': True,
                           'high_value_targets': 'Major U.S. utilities and '
                                                 'critical infrastructure'},
 'investigation_status': 'Ongoing (Duke Energy investigating)',
 'motivation': 'Financial Gain',
 'ransomware': {'data_exfiltration': True,
                'ransom_demanded': '6.5 bitcoin (~$600,000)'},
 'references': [{'source': 'The Register'}, {'source': 'TechRadar'}],
 'response': {'communication_strategy': 'No comment from Pickett and '
                                        'Associates; Duke Energy '
                                        'investigating'},
 'title': 'Hackers steal 800+ sensitive engineering files from Pickett and '
          'Associates tied to major U.S. utilities',
 'type': 'Data Breach'}