Data breaches have occurred in the government, military, and scientific research institutions of multiple NATO member states and partner countries.

On February 22, 2026, the hacker group BFRepoV4Files publicly claimed to be selling a database of approximately 3.5 TB, allegedly containing confidential documents and personal information from NATO and its member/partner entities. The incident involves documents with various levels of security classification, including NATO Restricted (NR), NATO Confidential (NC), and NATO Secret (NS). The leaked data may include personal contact information (such as names, nationalities, employers, positions, email addresses, phone numbers, and addresses), as well as sensitive documents involving multiple international agencies. This leak could pose significant risks to the national security, intelligence sharing, and personal privacy of NATO member states. The attackers are selling access to Secret-level documents for $5,000, with an access option priced at $2,005 also offered.