News and Updates on Information Technology

United States – Metropolitan Police Department of the District of Columbia

Exploit: Ransomware

Metropolitan Police Department of the District of Columbia: Law Enforcement Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.717= Severe

The Babuk Locker ransomware gang snatched data from the DC Metropolitan Police. The sample the cybercrime group posted, included 576 pages of personnel files including full names, Social Security numbers, phone numbers, financial and housing records, job histories and polygraph assessments for current and former officers. That data was briefly visible on the gang’s site, but taken down after a short period. No word on whether the gang was paid or the exact contents of the stolen files. In total, the Babuk Locker gang claims it downloaded more than 250 GB of data from DC Police servers.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.166= Severe

Current and former employees of the Metro Police may be in danger for spear phishing, identity theft or blackmail and should remain alert for fraud attempts.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Data theft like this is the bread and butter of cybercrime. This data is especially desirable because it contains information about law enforcement. When storing this kind of information, ensuring that you’re using multifactor authentication is essential as is antiphishing security to guard against ransomware.

Source: https://www.washingtonpost.com/local/public-safety/hacking-group-that-targeted-dc-police-briefly-posts-internal-police-files/2021/04/29/db18c98c-a8f2-11eb-8c1a-56f0cb4ff3b5_story.html