One day after a hacker posted screen shots and data to a hacking mailing list, saying he had broken into a New Mexico wind turbine facility, the company that runs the turbines says it has seen no evidence of a computer intrusion. One day after a hacker posted screen shots and data to a hacking mailing list, saying he had broken into a New Mexico wind turbine facility, the company that runs the turbines says it has seen no evidence of a computer intrusion.The hacker, who calls himself Bigr R, made the claims Saturday, posting screenshots of the facility’s management interface, screenshots of an FTP server and project management system, as well as Web server info and configuration data from a Cisco router.But NextEra Energy Resources, the company that manages the 200 megawatt Fort Sumner wind facility, says there’s no evidence that it’s been hacked. “We have investigated the claims of a potential computer hacking and found that the information provided as proof of hacking is largely publicly available information, which by itself would not be adequate to launch a successful attack against the named SCADA system or wind site,” said Steve Stengel, a company spokesman. “We have not seen any evidence of a breach.”SCADA or supervisory control and data acquisition computer systems are used to manage industrial production at places such as factories, chemical companies and utilities. Stengel did not say exactly what information that the hacker posted had previously been made public and what was not.PNM, he New Mexico utility company that uses the plant’s energy said Sunday that it knew of no incidents affecting the company’s Fort Sumner facility. In an email interview with the IDG News Service, Bigr R, said he was a former employee of NextEra’s parent company, Florida Power & Light. He said he used a bug in the Cisco Security Device Manager software used by NextEra to break into the site. “They gave to it public IP, so it was easy to hack into it through the Web,” he said. “They used default passwords, which I got from one of administrators. Then I obtained level 15 priv. (superuser), and understood the topology of SCADA networks. Then it was easily to detect SCADA and turn it off.”Security experts contacted Sunday said that it wasn’t possible to tell whether Bigr R’s claims were true. It’s also not clear that he ever really worked for Florida Power & Light, said Wesley McGrew, an industrial systems security researcher with McGrew Security. “It’s just really difficult to establish what’s going on either way,” he said.Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert’s e-mail address is robert_mcmillan@idg.com Related content news UK Cyber Security Council CEO reflects on a year of progress Professor Simon Hepburn sits down with broadcaster ITN to discuss Council’s work around cybersecurity professional standards, careers and learning, and outreach and diversity. By Michael Hill Sep 27, 2023 3 mins Government Government Government news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Internet Security Security Hardware news analysis Web app, API attacks surge as cybercriminals target financial services The financial services sector has also experienced an increase in Layer 3 and Layer 4 DDoS attacks. By Michael Hill Sep 27, 2023 6 mins Financial Services Industry Cyberattacks Application Security news Immersive Labs adds custom 'workforce exercising' for each organizational role With the new workforce exercising capability, CISOs will be able to see each role’s cybersecurity readiness, risk areas, and exercise progress. By Shweta Sharma Sep 27, 2023 3 mins Security Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe