O’Reilly’s review of the breach found that the exposed data included thousands of emails, scanned identity documents, and a significant amount of HR and process documentation. He noted that about 70 filenames referenced submarine programs, often in the context of tenders or project correspondence. He added: “When an adversary compromises a supplier, they gain access to the language, patterns, and relationships that connect organisations across the supply chain. This information can be used to build credible approaches to higher-tier targets. This is why contextual data, even when not formally classified, has strategic value.”
