DC Police victim of massive data leak by ransomware gang :: WRAL.com


The police department in the nation’s capital has suffered a massive leak of internal information after refusing to meet the blackmail demands of a Russian-speaking ransomware syndicate. Experts say it’s the worst known ransomware attack ever to hit a U.S. police department.

The gang, known as the Babuk group, released thousands of the Metropolitan Police Department’s sensitive documents on the dark web Thursday. A review by The Associated Press found hundreds of police officer disciplinary files and intelligence reports that include feeds from other agencies, including the FBI and Secret Service.

Ransomware attacks have reached epidemic levels as foreign criminal gangs paralyze computer networks at state and local governments, police departments, hospitals and private companies. They demand large payments to decrypt stolen data or to prevent it from being leaked online.

A cyberattack last week shut down the Colonial Pipeline, the nation’s largest fuel pipeline, prompting gas-hoarding and panic-buying in parts of the Southeast.

Brett Callow, a threat analyst and ransomware expert at the security firm Emsisoft, said the police leak ranks as “possibly the most significant ransomware incident to date” because of the risks it presents for officers and civilians.

Some of the documents include security information from other law enforcement agencies related to President Joe Biden’s inauguration, including a reference to a “source embedded” with a militia group.

One document details the steps the FBI has taken in its investigation of two pipe bombs left at the headquarters of the Democratic National Committee and the Republican National Committee before the insurrection at the U.S. Capitol on Jan. 6. That includes “big data pulls” of cell towers, and plans to “analyze purchases” of Nike shoes worn by a person of interest, the document said.

The police department did not immediately return a request for comment, but has previously said some officers’ personal information was stolen.

Some of that information was previously leaked, revealing personal…
