Police National Computer not pwned by Clop ransomware crims, insists Home Office

2021-12-20 15:51

The Clop ransomware gang pwned a managed service provider with access to the UK's Police National Computer, dumping data on its dark web leaks site - but officials deny that police data was compromised.

Reports surfaced in the Mail on Sunday newspaper over the weekend that the criminals had published information from the Police National Computer on their leaks site.

Assembled piecemeal by police forces inputting data on crime suspects, witnesses, and others who come into contact with police for whatever reason, the elderly and opaque system is the state's master record of arrests, criminal convictions, and more.

The Sunday newspaper claimed the stolen data included images from the national Automatic Numberplate Recognition system, a system that is separate from the PNC. "Footage includes close-up images of the faces of drivers who have been snapped speeding," claimed the report - although today an official spokesman played down the breach, claiming nothing was accessed from the PNC. A Home Office spokesperson told The Register: "We are aware of a data breach involving Dacoll. No records from the Police National Computer have been accessed."

Links to the stolen data had been deleted from the Clop gang's Tor-hosted leak blog when The Register examined it today so it is not possible to verify the newspaper's claims.

Ransomware researcher Brett Callow of infosec biz Emsisoft told The Register that deletion of the data may no longer be a sign of ransom payments - or non-payments.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/12/20/dacoll_ransomware_clop_pnc_claims/

#office #police #ransomware