Hackers Publish Classified Documents Stolen from Lithuanian Ministry of Foreign Affairs


The Lithuanian Ministry of Foreign Affairs has refused to comment regarding the credibility of e-mail files allegedly stolen from its own system and offered for sale on the RaidForums hacking platform. The archive consists of 1.6 million emails including discussions and also documentations designated as vulnerable and also highly sensitive in attributes.

To lure potential purchasers, the hacker published several documents and correspondence belonging to Lithuanian diplomatic as proof of the authenticity of the data. In a blog post yesterday, the hacker shared two files saying that they were email archives of conversations from top representatives of Lithuania’s embassy in Georgia.

The hacker claims to have a 300GB cache of 102 Outlook Data File files (PST) with some discussions related to secret negotiations against U.S. President Biden, and preparation for the war with Belarus, including a “nuclear strike”.

The leaked documents are marked as secret, top-secret, and cosmic. The seller also shared a list with names that presumably work for the Lithuanian Ministry of Foreign Affairs.

The Lithuanian Ministry of Foreign Affairs on Thursday posted a short statement declining to comment about the potential leak or even if it is legitimate.

“The Ministry of Foreign Affairs is unable to confirm the veracity of the information disseminated to the public and will not comment. We see this as an information attack by unfriendly countries” the Lithuanian Ministry of Foreign Affairs stated. 

The ministry was targeted in November 2020 and the attack was attributed to Russian actors, but the incident was not disclosed at the time. However, it remains unclear how much the vendor is asking for the cache but some forum users expressed interest in purchasing the leak. According to them, some inboxes have about 10 years of documents.

Gitanas Nausėda, the president of Lithuania said this week that there is proof suggesting that information was stolen in the November attack and that some of it is deemed classified.

"An investigation is ongoing, with no doubt, we well assess that damage done during this cyber-attack. But there are certain signs showing that certain information leaked. And that information is deemed classified," the president said in an interview with the Delfi.lt news website.