INC Ransomware Leaks Sensitive Military Procurement Data of NATO Member Hungary

Hungarian officials have confirmed to local media the occurrence of a cyberattack targeting the National Defence Procurement Agency (VBÜ). According to authorities, the attack was orchestrated by an “international group of hackers.”

Earlier on Thursday, the hacking collective known as INC Ransomware (also referred to as INC Ransom) released screenshots on the dark web, allegedly proving their access to the agency’s data. Previous research suggests that the group emerged last year and specializes in attacks on medical, educational, and government institutions. The identities of its members remain unknown.

Hungary’s Ministry of Defence declined to comment on the potential data breach, citing an ongoing investigation. The ministry assured the public that the VBÜ does not store classified military information. Hungary is a member of NATO.

Gergely Gulyás, Chief of Staff to Prime Minister Viktor Orbán, described the perpetrators as a “hostile foreign non-state hacker group” without naming the organization explicitly. According to Gulyás, the most critical information potentially accessed by the attackers includes “plans and details of military procurements.”

The Hungarian publication Magyar Hang reported that INC Ransomware breached the agency’s servers, downloading and encrypting all files. Media outlets state that among the leaked materials are documents detailing the air and ground capabilities of Hungary’s military, as well as files marked “not for publication.” The compromised data appears relatively recent, with some documents dated October of this year. The hackers have demanded a ransom of $5 million for decrypting the files.

Hungarian authorities have not disclosed whether negotiations with the hackers are underway.