Working under the hacktivist banner of AntiSec, yet another defense contractor has been struck by hackers who released over a gigabyte of sensitive information. The contractor hit, Vangaurd Defense Industries, just happens to have a connection to InfraGard, an FBI affiliated program struck by LulzSec, through its senior vice president, Richard T. Garcia.

The group announced the breach today through what’s become the hactivist-style press release of a Pastebin post including a TOR link.

Vanguard Defense Industries produces an unmanded drone for use in military and policing operations called the “ShadowHawk”. A few of the e-mails in the 1gb leak by AntiSec appear to mention information about how useful the vehicle might be for the US Marshals.

From the Pastebin link, the manifesto describes the contents of the leak:

For #FuckFBIFriday, we are releasing 1GB of private emails and documents belonging to Vanguard Defense Industries (VDI), a defense contractor that sells arms to law enforcement, military, and private corporations. The emails belong to Senior Vice President of VDI Richard T. Garcia, who has previously worked as Assistant Director to the Los Angeles FBI office as well as the Global Security Manager for Shell Oil Corporation. This leak contains internal meeting notes and contracts, schematics, non-disclosure agreements, personal information about other VDI employees, and several dozen “counter-terrorism” documents classified as “law enforcement sensitive” and “for official use only”.

Defense contractors have been a common target of this sort of hactivist leak-style attack of late. Not just since the hit on InfraGard by LulzSec, but AntiSec leaked data from IRC Federal, and the rolled onto leak 90,000 e-mails from Booz Allen Hamilton. While not related to the whimsical behavior of AntiSec, LulzSec, or Anonymous, the Pentagon even announced their own breach where they lost over 24,000 files. Potentially part of a coordinated hacking campaign against defense contractors using spear-phishing attacks.

All of these activities by both the more juvenile AntiSec and Anonymous versus sophisticated attacks by unknown hackers highlights how open and vulnerable defense contractors and FBI affiliates happen to be on the cyberwar front. If groups like LulzSec are capable of breaching confidential e-mails and authentication information this is like breaking into the key box in the guard house, it shows that the keys are vulnerable—professional hackers wouldn’t announce or leak this information and would instead sneak inside.

As a parting shot, the hackers poked fun at Garcia, alleging that he has poor cybersecurity hygiene.

“Mr. Garcia did not bother to change any of his many many passwords found in his spool at the time of this release,” wrote the hackers in their release about how they might have breached his e-mail account. “So here’s also a shoutout to all Lulz Lizards still following our mischiefs: Have fun with the data of Mr. Garcia, former Assistant Director to the L.A. FBI office who now sells his cybersecurity ‘skills’ to the Military and Government for brazen amounts of money.”