A publicly accessible server has been leaking over 600GB of sensitive network and threat alert logs tied to Mexico’s state-owned Federal Electricity Commission (CFE), which powers more than 99% of the country. The server, managed by cybersecurity firm Teliko, exposed data for more than three years.
Cybersecurity researchers discovered the leak in a Kibana instance containing logs from CFE’s internal network, generated by an MDR solution called AIsaac. The data included lists of vulnerable devices and services, valuable intel for attackers looking to exploit weak points, move laterally through systems, or launch spear-phishing campaigns using mimicked domains.
Beyond operational risks, the leak also compromised employee privacy, revealing internet activity and internal tool usage. Though it’s unclear if threat actors accessed the data, its long exposure makes that likely.
This incident highlights growing threats to critical infrastructure, often reliant on outdated industrial control systems and vulnerable third-party vendors. Similar attacks have already disrupted fuel, water, and energy systems worldwide from the Colonial Pipeline shutdown in the U.S. to breaches by Iran- and Russia-linked groups targeting ICS networks in Israel, Ireland, and beyond.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
