Ransomware group aurora hits Hagerman & Company

*** — a 40-year-old Autodesk Platinum Partner headquartered in Mt. Zion, Illinois, serving 250+ enterprise customers across manufacturing, energy, defense, healthcare, and education. The exposed dataset includes: Complete proprietary source code for 15+ commercial products including the HNC Licensing System (License Generator, License Server, License Manager) — enabling unlimited piracy of all Hagerman products. 8+ plaintext database credentials in .udl files, including an Oracle SYS (DBA superuser) account with password "Hagerman@1!" reused across multiple systems. Engineering vault databases for 14+ critical infrastructure entities — NYPA (7 power plants including Niagara Falls), Kinder Morgan (Elba Island LNG terminal), HydroOne (Ontario electricity), Phillips 66, Chevron, and 8+ petroleum refineries. Defense/government data — NASA IT Security Requirements, Lockheed Martin configurations, Boeing-SVS vault data, JPL configurations. Azure DevOps transaction logs (1.6 GB) containing complete source code version history and potentially CI/CD deployment secrets. Third-party database credentials for Michigan State University (3 databases), Cal State Long Beach, and Beth Israel Deaconess Medical Center infrastructure.

Posted by the aurora threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.