Breach at BE PRIME Cybersecurity Company Exposes Client Data and Surveillance Systems; Be Prime Threatens Journalists
Why It Matters
The breach reveals that even security providers can neglect fundamental safeguards, while the legal threats risk chilling essential reporting on cyber incidents.
Key Takeaways
- 12.6 GB of client data and surveillance footage leaked from BePrime.
- Attack exploited admin accounts lacking multi‑factor authentication.
- BePrime threatened legal action against journalists reporting the breach.
- Digital‑rights groups condemn intimidation and demand transparent incident response.
- Incident shows security firms must enforce basic controls like MFA.
Pulse Analysis
The BePrime breach underscores a paradox in the cybersecurity industry: firms tasked with protecting others sometimes overlook the very controls they recommend. By leaving admin accounts without multi‑factor authentication, BePrime left a wide attack surface that allowed threat actors to exfiltrate 12.6 GB of sensitive data, including video‑surveillance streams from high‑profile clients such as Iberdrola and ArcelorMittal. This lapse illustrates how even seasoned providers can fall prey to credential‑based attacks, reinforcing the industry‑wide push for zero‑trust architectures and continuous credential hygiene.
Beyond the technical failure, BePrime’s decision to threaten journalists with legal action marks a troubling escalation in incident response strategy. Pressuring media and independent researchers runs counter to best‑practice guidelines that emphasize openness, timely disclosure, and collaboration with the broader security community. Digital‑rights groups—including the EFF, Reporters Without Borders, and the Committee to Protect Journalists—have publicly condemned the intimidation, warning that such tactics erode trust and may deter future reporting of critical vulnerabilities.
For enterprises evaluating security partners, the episode serves as a cautionary tale. Procurement teams must scrutinize not only a vendor’s service portfolio but also its internal security posture and crisis‑communication policies. Demonstrable adherence to fundamentals like MFA, regular penetration testing, and transparent breach notification processes should be non‑negotiable criteria. As regulators worldwide tighten breach‑notification laws, firms that fail to model responsible behavior risk reputational damage, regulatory penalties, and loss of client confidence.