Russia-based cybercrime group Lynx has been accused of stealing and leaking hundreds of sensitive files from the UK Ministry of Defence (MoD) contractor Dodd Group, exposing staff data and revealing details about eight military bases.
The attack occurred on September 23 and was described by The Daily Mail as a "catastrophic" cyberattack. The leaked documents include staff names and emails, contractors' names, phone numbers, car details, and MoD staff contacts, with some files labeled as "Controlled" or "Official Sensitive."
Dodd Group, which employs over 1,100 people, delivers major projects across education, healthcare, housing, utilities, and defence sectors. The company is one of Britain's leading privately owned engineering and facilities management firms.
The ransomware gang added the company to its Tor data leak site, claiming the theft of roughly 4 TB of data. The group began leaking the stolen data shortly after a failed negotiation. Leaked MoD documents reveal sensitive details on RAF and Navy bases, including Lakenheath (hosting US F-35 jets), Portreath (NATO radar site), and Predannack (UK Drone Hub).
One of the leaked files reveals information about RAF Lakenheath in Suffolk, where the US Air Force's F-35 stealth jets and their nuclear bombs are based. Other bases mentioned include RAF Portreath, a top-secret radar station that forms part of NATO's air defence network, and RAF Predannack, now home to the UK's National Drone Hub.
The leaked documents also include visitor logs for RAF Portreath and RNAS Culdrose, internal emails and security guidance, plus construction records for RAF Lakenheath and RAF Mildenhall. These files reveal sensitive operational details about the military bases.
Intelligence experts warn that nation-state actors can use the stolen data for intelligence purposes or to carry out further cyber attacks against the impacted organizations.
The MoD has launched an investigation into the incident, and Dodd Group has disclosed the data breach. However, it is unclear what measures will be taken to prevent similar breaches in the future.
Key Facts:
- Dodd Group employee, contractor, and staff data stolen and leaked
- Russia-based cybercrime group Lynx breached Dodd Group
- Ransomware gang added the company to its Tor data leak site and began leaking the data after a failed negotiation
- Leaked documents include sensitive details on eight RAF and Navy bases
The incident highlights the vulnerability of the UK's defence sector to cyber attacks, and the need for greater security measures to protect sensitive information.