Security News > 2021 > April > Washington DC police force confirms data breach after ransomware upstart Babuk posts trophies to Tor blog
Ransomware criminals have posted trophy pictures on their Tor blog after attacking the police force for US capital Washington DC. The Metropolitan Police Department said it was "Aware of unauthorised access on our server" and had engaged the FBI to investigate, according to BleepingComputer.
Babuk, a relatively new ransomware gang, claimed credit for the attack and claimed to have stolen 250GB of files from the force.
There was no mention on the Metropolitan Police Department's website or social media channels of the ransomware attack.
Calvin Gan, a senior manager with F-Secure's Tactical Defence Unit, commented: "Babuk ransomware is relatively new and is likely trying to make a name for themselves. They have been demanding a relatively low ransom amount and researchers from Emsisoft have even discovered severe bugs in their decryptor. Releasing a bold statement such as this to challenge the authorities could be seen as an amateur move, but it now gives them added credibility especially when the breach has been confirmed by the organization themselves."
Email security firm Mimecast's head of e-crime, Carl Wearn, opined: "Ransomware really has become the pre-eminent threat of our time, with this being the latest attack in a number of recent incidents. The head of GCHQ, Jeremy Fleming, was absolutely right to recently say that ransomware presents a significant danger for organisations of all kinds."
The MPD's entry on the ransomware gang's blog has vanished, suggesting the police force paid the demand.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/04/27/washington_dc_police_ransomware/
Related news
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- LA housing authority confirms breach claimed by Cactus ransomware (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)
- Fintech giant Finastra investigates data breach after SFTP hack (source)