Exploit: Ransomware
Metropolitan Police Department of the District of Columbia: Law Enforcement Agency
Risk to Business: 1.717= Severe
The Babuk Locker ransomware gang snatched data from the DC Metropolitan Police. The sample the cybercrime group posted, included 576 pages of personnel files including full names, Social Security numbers, phone numbers, financial and housing records, job histories and polygraph assessments for current and former officers. That data was briefly visible on the gang’s site, but taken down after a short period. No word on whether the gang was paid or the exact contents of the stolen files. In total, the Babuk Locker gang claims it downloaded more than 250 GB of data from DC Police servers.
Individual Risk: 2.166= Severe
Current and former employees of the Metro Police may be in danger for spear phishing, identity theft or blackmail and should remain alert for fraud attempts.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Data theft like this is the bread and butter of cybercrime. This data is especially desirable because it contains information about law enforcement. When storing this kind of information, ensuring that you’re using multifactor authentication is essential as is antiphishing security to guard against ransomware.