Ukraine's Military Intelligence Service (HUR) executed a targeted cyber operation against Tupolev, a major Russian aerospace and defense firm, resulting in the exfiltration of over 4.4 GB of classified data. The breach compromised real-time internal communications among senior leadership, including procurement records, closed-door meeting protocols, and confidential resumes of engineers and designers. Additionally, staff members' personal data was exposed, alongside operational details of Russia’s strategic aviation programs. The attack also led to the defacement of Tupolev’s official website, signaling a deliberate act of disruption. HUR’s operation is part of a broader campaign targeting Russian military logistics, weapons manufacturers, and aviation entities. The stolen data eliminates operational secrecy for Tupolev, granting Ukrainian intelligence unprecedented visibility into Russia’s aerospace capabilities, personnel, and supply chains. The breach undermines Tupolev’s strategic integrity, with long-term implications for Russia’s defense infrastructure and national security.
Source: https://www.scworld.com/brief/russian-aerospace-firm-breach-claimed-by-ukraine
TPRM report: https://www.rankiteo.com/company/united-aircraft-corporation
"id": "uni2151321113025",
"linkid": "united-aircraft-corporation",
"type": "Cyber Attack",
"date": "6/2025",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"{'affected_entities': [{'industry': 'defense/aerospace',
'location': 'Russia',
'name': 'Tupolev',
'type': 'aerospace and defense firm'}],
'data_breach': {'data_exfiltration': '4.4 GB of data stolen',
'personally_identifiable_information': ["staff members' data"],
'sensitivity_of_data': 'high (classified, strategic aviation '
'operations)',
'type_of_data_compromised': ['classified corporate data',
'internal communications',
'procurement records',
'meeting protocols',
'employee resumes',
'staff data']},
'description': "Ukraine's Military Intelligence Service (HUR) claimed "
'responsibility for compromising Tupolev, a major Russian '
'aerospace and defense firm. The attack led to the theft of '
'over 4.4 GB of classified data, including internal '
'communications, procurement records, meeting protocols, '
'employee resumes, and staff data. The breach also resulted in '
"the defacement of Tupolev's website. HUR reportedly monitored "
"Tupolev's internal document flow in real time, gaining "
"comprehensive insights into Russia's strategic aviation "
'operations.',
'impact': {'brand_reputation_impact': ['defacement of corporate website',
'loss of operational secrecy'],
'data_compromised': ['internal communications',
'procurement records',
'closed-door meeting protocols',
"engineers' and designers' resumes",
"staff members' data",
'4.4 GB of classified data'],
'identity_theft_risk': ["staff members' data exposed"],
'operational_impact': ['compromised secrecy of strategic aviation '
'operations',
'real-time monitoring of internal '
'communications'],
'systems_affected': ['internal document flow system', 'website']},
'initial_access_broker': {'high_value_targets': ['internal document flow '
'system',
'strategic aviation '
'operations data']},
'motivation': ['espionage',
'military intelligence gathering',
'disruption of Russian defense operations'],
'references': [{'source': 'Kyiv Post'}],
'threat_actor': "Ukraine's Military Intelligence Service (HUR)",
'title': "Cyberattack on Russian Aerospace Firm Tupolev by Ukraine's HUR",
'type': ['cyberespionage', 'data breach', 'website defacement']}