Azusa Police Department Ransomware Hack Broader Than 1st Suspected – NBC Los Angeles


The Azusa Police Department is continuing Tuesday to assess the scope of a March ransomware attack that led to the release of information ranging from payroll files to investigative reports referencing confidential informants.

The department announced in a statement released last Thursday that it discovered March 9 that some of its computer systems were inaccessible. An investigation with other law enforcement partners and tech experts found that the department had been locked out as the result of a “sophisticated ransomware attack,” and officials refused to pay any ransom, according to the department.

On April 27, investigators determined that the hackers had stolen information and by May 20, determined that the data may have included Social Security, driver’s license and passport numbers, as well as financial and medical information, according to the police department.

However, the Los Angeles Times reported Monday that the breach was much broader, based on the newspaper’s review of documents posted on a dark web site by ransomeware gang DoppelPaymer.

The Times said the records released online included payroll files, a spreadsheet of gang member contacts, crime scene and booking photos, and investigative reports citing confidential informants.

The index page detailing the police data has been visited more than 11,000 times since April, according to the newspaper.

Azusa police Capt. Christopher Grant told City News Service that investigators — including from the Los Angeles County Sheriff’s Department and FBI — are still working to determine the full scope of the data in the hands of hackers.

Grant said he was limited in what he could say as law enforcement agencies work to bring someone to justice in the case.

“There’s a lot I… can’t discuss,” Grant said.

He said that the attack hadn’t affected the department’s ability to keep Azusa safe.

“Our operations haven’t been hindered at all by this,” Grant said.

The U.S. Treasury Department has warned that hackers often target small-to-medium-sized businesses and local government agencies because they typically have fewer security protections in place.

Cybercriminals typically encrypt data, making…

Source…