The hackers released data which could help criminals breach some of Britain's most secretive sites including the HMNB Clyde nuclear submarine base, the Porton Down chemical weapon lab and a GCHQ listening post.
Secret information about military sites and high-security prisons was also stolen by LockBit - one of the world's most dangerous hacking gangs.
The group - whose key suspects include Russian Mikhail Matveev - is said to have shared the data on the dark web which is accessible through special software, The Mirror reports.
It follows serious security breaches involving the Met Police - where 47,000 officers' details were put at risk - and the Police Service of Northern Ireland, who accidentally shared the personal information of 10,000 employees.
Labour MP Kevan Jones, who sits on the Commons Defence Select Committee, told the newspaper: 'This is potentially very damaging to the security of some of our most sensitive sites.
'The Government needs to explain why this firm's computer systems were so vulnerable. Any information which gives security arrangements to potential enemies is of huge concern.'
The hackers are said to have targeted the databases of Zaun, a company responsible for protecting maximum security sites.
It's understood that the hackers stole the documents last month in a shocking attack on the firm which makes fences and security measures for vulnerable sites. The West Midlands-based company provided security barriers at the London Olympics in 2012.
LockBit, who are said to have financial links to Russian criminals, have been on the FBI's radar since 2020 and are thought to have issued £80million in ransoms worldwide.
There are a number of Russians who have been detained over cyber attacks in the US and Canada. Russian national Ruslan Magomedovich Astamirov was charged in the US 'for involvement in deploying numerous LockBit ransomware and other attacks in the US, Asia, Europe, and Africa'.
And last year, Mikhail Vasiliev, a Russian and Candian national, was also charged by the US. He is being detained in Canada and awaiting extradition to the US.
Mikhail Matveev, who has been linked to numerous ransomware variants including LockBit, is also wanted by for 'allegedly conducting significant attacks against both United States and worldwide businesses'.
He is on the FBI's most wanted list after alleged attacks on 1,400 global targets, including a £66million blackmail on the Royal Mail who refused to pay.
It's understood one leaked document related to equipment used to protect Porton Down - one of the most secretive military research facilities in the UK. Zaun describes its work at the Wiltshire campus as 'very secretive'.
A sales order detailing goods purchased for HMNB Clyde - which is home to Trident nuclear submarines - was also leaked. And a sales order report for goods at GCHQ's communications site in Bude, Cornwall, was also reportedly exposed.
Bude is described as playing a 'critical part' in Britain's security, according to GCHQ.
The leak is also said to have included details about security equipment at RAF Waddington where Reaper drone missions have been conducted from for the last 10 years, and Cawdor Barracks, the base of the 14th Signal Regiment, which deals in electronic warfare.
Detailed drawings of perimeter fencing at Cawdor, in Pembrokeshire, was also attached to company emails and leaked to the dark web. Information relating to a number of prisons, including Category A Long Lartin, Worcs, and Whitemoor, was also exposed.
A spokesman for Zaun told The Mirror: 'LockBit will have potentially gained access to some historic emails, orders, drawings and project files. We do not believe classified documents were stored on the system or have been compromised.
'The National Cyber Security Centre has been contacted and we are taking advice. Zaun is a victim of a sophisticated cyber attack and has taken all reasonable measures to mitigate any attack on our systems.'
A Government spokesman told MailOnline tonight: 'We do not comment on security matters.'