Security News > 2021 > April > Washington DC police force confirms data breach after ransomware upstart Babuk posts trophies to Tor blog

Ransomware criminals have posted trophy pictures on their Tor blog after attacking the police force for US capital Washington DC. The Metropolitan Police Department said it was "Aware of unauthorised access on our server" and had engaged the FBI to investigate, according to BleepingComputer.
Babuk, a relatively new ransomware gang, claimed credit for the attack and claimed to have stolen 250GB of files from the force.
There was no mention on the Metropolitan Police Department's website or social media channels of the ransomware attack.
Calvin Gan, a senior manager with F-Secure's Tactical Defence Unit, commented: "Babuk ransomware is relatively new and is likely trying to make a name for themselves. They have been demanding a relatively low ransom amount and researchers from Emsisoft have even discovered severe bugs in their decryptor. Releasing a bold statement such as this to challenge the authorities could be seen as an amateur move, but it now gives them added credibility especially when the breach has been confirmed by the organization themselves."
Email security firm Mimecast's head of e-crime, Carl Wearn, opined: "Ransomware really has become the pre-eminent threat of our time, with this being the latest attack in a number of recent incidents. The head of GCHQ, Jeremy Fleming, was absolutely right to recently say that ransomware presents a significant danger for organisations of all kinds."
The MPD's entry on the ransomware gang's blog has vanished, suggesting the police force paid the demand.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/04/27/washington_dc_police_ransomware/
Related news
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- Landmark Admin data breach impact now reaches 1.6 million people (source)
- Entertainment services giant Legends International discloses data breach (source)
- 2025 Data Breach Investigations Report: Third-party breaches double (source)
- Yale New Haven Health data breach affects 5.5 million patients (source)
- Frederick Health data breach impacts nearly 1 million patients (source)
- Baltimore City Public Schools data breach affects over 31,000 people (source)