The Portuguese Armed Forces General Staff Agency (EMGFA) reportedly fell victim to a hack that resulted in the theft of sensitive NATO papers, which are currently being sold on the dark web.

EMGFA is the governmental agency responsible for controlling, planning and operating Portugal’s armed forces. The agency only discovered it had been hacked after hackers uploaded samples of the stolen data on the dark web, claiming they would sell the files to prospective buyers.

US cyber intelligence operatives discovered the sale of stolen records and notified the US embassy in Lisbon, which informed Portuguese authorities of the data breach.

The documents are extremely sensitive

A group of specialists from the National Security Office (GNS) and Portugal’s national cybersecurity center was quickly dispatched to EMGFA to thoroughly examine the organization’s network.

The revelation was first reported by Diario de Noticias, a local news outlet that claims to have validated the accuracy of the information through anonymous individuals involved in the investigations.

According to these sources, the stolen documents are of extreme importance. Their distribution might jeopardize the country’s reputation in the NATO.

Air-gapped but vulnerable

EMGFA’s computers are air-gapped, but the data breach was reportedly caused by non-secure links. The investigation’s initial finding is that the senior military authority violated its operational security standards at some point in time.

At the time of writing, the Portuguese government has made no official statement on the subject. However, the political opposition is increasing pressure for a briefing in response to the reports.

Many parliamentary representatives expressed amazement after learning that sensitive military documents were being auctioned on the internet and the country’s intelligence services had failed to identify such a significant breach.

Tip: Data privacy: from necessary security step to competitive advantage