Hackers release personal info of 22 D.C. police officers
A ransomware gang that hacked Washington's Metropolitan Police Department published extensive profiles of 22 officers Tuesday as part of an extortion attempt.
The files on current and former police officers are detailed
and include personal information such as Social Security numbers, dates of
birth, results of psychological assessments, copies of driver’s licenses, fingerprints, polygraph
test results, as well as residential, financial and marriage history. NBC News
reached two officers whose profiles were published using the phone numbers listed in them and
verified their identities. Both said they had not been told by
the department that their specific information had been accessed.
The department was first hacked in April. A ransomware gang
soon claimed responsibility and later published profiles of five officers, then
took them offline as it apparently entered negotiations with the department.
But those negotiations appear to have fallen through.
According to an alleged correspondence with the department that the hackers
published Tuesday, they demanded $4 million to not publish more stolen files.
The department countered with an offer of $100,000, saying
its “spending is closely controlled.” The hackers responded that the
counteroffer was “unacceptable.”
The hack is entirely distinct from the attack on the
Colonial Pipeline and conducted by a different group, though both are
Russian-speaking outfits. But both are part of a larger trend of ransomware
attacks in which increasingly brazen organized criminals, usually based in
Russia or Eastern Europe, hack American entities and demand money to either
unlock their computers or not publish sensitive data.
The Metropolitan Police Department profiles are each stored
as a PDF for individual officers. Most are more than 100 pages long, and one is
more than 300 pages.
The department, which previously said it was aware of a
cyber incident, didn’t respond to a request for comment for this story.
There have been more than 100 confirmed attacks against U.S.
targets this year alone, including state
and local governments, schools, financial institutions, health care
organizations and manufacturers, according to an analysis provided by the
cybersecurity firm Recorded Future. Ransomware cost victims around $75 billion
in 2020, according to an estimate by the cybersecurity firm Emsisoft.
Comments
Post a Comment