Dark Web News Analysis
Cybersecurity intelligence gathered on February 16, 2026, identified a high-priority data sale on a major cybercrime forum involving Pickett USA, a leading engineering and surveying firm specializing in transmission and distribution power line design. A threat actor is currently auctioning a massive repository of sensitive operational data for 6.5 Bitcoin (~$400,000+ USD) or its equivalent in Monero.
The exfiltrated data is highly specialized and pertains to active, critical projects for major U.S. utilities, including Tampa Electric Company (TECO), Duke Energy Florida (DEF), and American Electric Power (AEP). The repository reportedly contains:
- Classified Raw LiDAR Point Clouds: Precise 3D topographical data of power lines and substations.
- MicroStation Design Files (DGN): Engineering blueprints for active utility infrastructure.
- High-Resolution Orthophotos: Aerial imagery used for exact site mapping and reconnaissance.
- Large Vegetation Feature Files: Critical data for maintenance and fire-risk mitigation strategies for transmission lines.
Key Cybersecurity Insights
The breach of an engineering firm like Pickett USA is a “Tier 0” threat because it provides the “skeleton” of the American power grid to potential adversaries:
- Physical Sabotage Blueprint: This is not just digital data; it is a physical roadmap. Precise LiDAR and MicroStation files allow a malicious actor to identify critical structural vulnerabilities or “single points of failure” within a power grid for highly targeted physical disruption.
- Nation-State Interest: The high asking price and the technical nature of the data suggest the primary buyers are likely Nation-State Actors or advanced APT groups. This data is invaluable for long-term strategic reconnaissance and preparing for “cyber-physical” warfare.
- Supply Chain Vulnerability: Pickett USA acts as a critical third-party vendor. This breach demonstrates how a compromise at a mid-sized engineering firm can bypass the multi-million dollar security perimeters of massive utility corporations like Duke Energy or AEP.
- Vegetation Management Exploitation: Exposure of vegetation feature files allows an adversary to understand where the grid is most vulnerable to natural interference or where a lack of maintenance could be exploited to cause cascading failures or wildfires.
Mitigation Strategies
To protect national energy security and mitigate the impact of this infrastructure exposure, the following strategies are urgently recommended:
- Immediate Utility Sector Notification: Pickett USA and federal agencies (CISA/DOE) must ensure that TECO, Duke Energy, and AEP have received full forensic details of the breach. Utilities must assume their physical site layouts are now “public” and should adjust on-site physical security protocols accordingly.
- Infrastructure Design Rotation: Where possible, utilities should review active project designs and consider “Security-by-Design” modifications to minimize the utility of the stolen blueprints.
- Enhanced Perimeter Monitoring: Increase physical and digital surveillance around the specific substations and transmission lines identified in the stolen LiDAR files. Look for signs of physical reconnaissance or unauthorized drone activity.
- Zero Trust Third-Party Management: Moving forward, utilities must enforce Zero Trust for all engineering vendors. Sensitive LiDAR and CAD data should only be accessible through “Clean Room” environments that prevent the bulk exfiltration of raw project files.
Secure Your Future with Brinztech — Global Cybersecurity Solutions
From agile SMEs and global enterprises to national agencies, Brinztech provides the strategic oversight necessary to defend against evolving digital threats. We offer expert consultancy to audit your current IT policies and GRC frameworks, identifying critical vulnerabilities before they can be exploited. Whether you are protecting a local business or a government entity, we ensure your security posture translates into lasting technical resilience, keeping your digital footprint secure, your citizens’ data private, and your future protected.
Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com