L3 Harris 2026 Cyber Tools Theft

L3 Harris, a U.S. defense contractor, experienced a breach involving the theft of eight proprietary cyber tools. The tools were subsequently acquired by a sanctioned Russian national and his company, who sold them to unauthorized customers. The U.S. Treasury Department publicly disclosed sanctions against the Russian broker in February 2026, confirming the compromise of sensitive defense-related cyber capabilities.

The attack chain involved the unauthorized acquisition of stolen proprietary cyber tools originally developed by L3 Harris. The Russian broker obtained these tools through undisclosed means and distributed them to unauthorized third parties. The exfiltrated data consisted of proprietary cyber exploitation tools designed for defense applications, representing sensitive intellectual property and potential offensive cybersecurity capabilities.

The U.S. Treasury Department imposed sanctions on the Russian national and his company under relevant authorities, confirming the unauthorized distribution of the stolen tools. This regulatory action represents the primary confirmed post-incident development, with no additional containment or remediation milestones detailed in the available information.