Catastrophic attack as Russians hack files on EIGHT MoD bases and post them on the dark web Daily Mail Online

pBy LYDIA VELJANOVSKI and SEAN RAYMENT pp Published 1700 EST 18 October 2025 Updated 1705 EST 18 October 2025 pppp 587ppView commentsppppRussian hackers have stolen hundreds of sensitive military documents containing details of eight RAF and Royal Navy bases as well as Ministry of Defence staff names and emails and posted them on the dark web The Mail on Sunday can revealppIn what has been described as a catastrophic security breach cybercriminals accessed the cache of files by hacking a maintenance and construction contractor used by the MoDppThe gateway attack which targeted third party the Dodd Group allowed cyber gangsters to circumvent the almost impenetrable cyber defences used by the Armed Forces  ppThe MoD said it was investigating the enormous data and security breach believed to have been carried out by Russian group LynxppLeaked documents seen by the MoS disclose information about a number of sensitive RAF and Navy bases including RAF Lakenheath in Suffolk where the US Air Forces F35 stealth jets are based and their nuclear bombs are believed to be housedppOther bases include RAF Portreath a topsecret radar station that forms part of Natos air defence network and RAF Predannack now home to the UKs National Drone HubppDetails of contractors names car registrations and mobile numbers as well as MoD personnels names and email addresses have also been uploaded Some documents are marked Controlled or Official SensitiveppThe disclosure follows a warning from the National Cyber Security Centre last week that the number of significant hacking attacks in the UK have reached a record high with 204 taking place in the year to SeptemberppUS Air Force F35 stealth jets are pictured last year at RAF Lakenheath in Suffolk where sensitive information has been disclosed about to Russian hackersppA former military intelligence officer told the MoS the breach was a catastrophic security failure which would cause huge alarm in the USppColonel Phil Ingram a former member of the Intelligence Corps who also served in Iraq and the Balkans added Any sensitive information from emails to mobile phone numbers will be useful to our enemiesppThis is yet another embarrassing breach of the MoDs supply chain compromising sensitive data There doesnt seem to be a week going by without another MoDrelated breach and no sign of accountabilityppIt is likely a reflection on the creaking IT infrastructure the MoD has its rigid outdated processes and simple lack of careppThe information emerged on the dark web after the gang infiltrated the systems of the Dodd Group a major UK building and maintenance contractorppThe criminals boasted of quietly extracting roughly 4TB terabytes of data including material from secured repositories sparking fears that Britains adversaries could exploit the information to penetrate defence and government systems ppThe Dodd Groups network was first breached on 23 September with the hackers issuing a chilling ultimatum Time is running out you have the opportunity to resolve this matter before inevitable consequences unfoldppSince then the group has begun releasing the stolen material in stages posting two out of four planned data dumps on the dark web so far ppUS nuclear bombs are also believed to be housed in RAF Lakenheath which is pictured in this aerial viewppWithin the leaked files around a thousand documents are visitor forms for RAF Portreath listing contractors and MoD personnels data and visitor records for RNAS Culdrose one of the Royal Navys principal air stationsppAlso among the material is internal email guidance and security instructions which could be exploited to craft highly convincing phishing attacksppThere are also files relating to construction group Kier concerning work at RAF Lakenheath where B6112 thermonuclear gravity bombs were reportedly delivered in July and RAF Mildenhall which also acts as a base for US F35 fighter squadronsppOther leaked files include material linked to HMS Raleigh HMS Drake and RAF St MawganppThe Dodd Group which last year turned over 294 million and made a 53 million gross profit has also carried out work for the NHS defence infrastructure and the Duchy of Cornwall the private estate owned by Prince WilliamppExperts have cautioned that even seemingly mundane data could help foreign adversaries build intelligence on Britains defence infrastructure ppProfessor Anthony Glees a security and defence expert from the University of Buckingham told The Mail on Sunday This is a massive national security breach and its a doubleheaded breach because it not only is about data of great importance to Britains enemies and potential enemies but it is also an embarrassment to Britains allies in particular the USppLynx is believed to be based in Russia and recruits openly on Russianspeaking underground forums In line with many Moscowbased cybercrime groups it avoids targeting organisations in former Soviet statesppConfirming a cyber incident a Dodd Group spokesman said limited data had been stolen and the company had secured and recovered our systemsppThe MoD said it was actively investigating the situationpp
Share what you think
ppThe comments below have not been moderatedpp
The views expressed in the contents above are those of our users and do not necessarily reflect the views of MailOnline
ppBy posting your comment you agree to our house rulesppDo you want to automatically post your MailOnline comments to your Facebook TimelineppYour comment will be posted to MailOnline as usualpp ppDo you want to automatically post your MailOnline comments to your Facebook TimelineppYour comment will be posted to MailOnline as usualpp We will automatically post your comment and a link to the news story to your Facebook timeline at the same time it is posted on MailOnline To do this we will link your MailOnline account with your Facebook account Well ask you to confirm this for your first post to FacebookppYou can choose on each post whether you would like it to be posted to Facebook Your details from Facebook will be used to provide you with tailored content marketing and ads in line with our Privacy Policyp