A ransomware gang that hacked the District of Columbia’s Metropolitan Police Department in April posted personnel records on Tuesday that exposed highly sensitive details for nearly two dozen officers, including the results of psychological assessments and polygraph tests, driver’s license photos, fingerprints, Social Security numbers, dates of birth, and residential, financial, and marriage histories.
The data, included in a 161GB download from a website on the dark web, was made available after negotiations broke down between members of the Babuk ransomware group and MPD officers, according to screenshots purporting to be chat transcripts between the two organizations. After earlier threatening to leak the names of confidential informants to crime gangs, the operators agreed to remove the data while they carried out the now-aborted negotiations, the transcripts showed.
That is unacceptable
The operators demanded $4 million in exchange for a promise not to publish any more information and to provide a decryption key that would restore the data.
“You’re a state institution, treat your data with respect and take into consideration their value,” the operators said, according to the transcript. “They cost much more than 4,000,000, do you understand that?”
“Our final proposal is to offer to pay $100,000 to prevent the release of the stolen data,” the MPD negotiator eventually replied. “If this offer is not acceptable, then it seems our conversation is complete. I think we understand the consequences of not reaching an agreement. We’re OK with that outcome.”
“That is unacceptable from our side,” the ransomware representative replied. “Follow our website at midnight.”
A post on the group’s website said: “The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers.” The 161MB file was password protected. The operators later revealed the passphrase after MPD officers refused to raise the price the department was willing to pay.
Three of the names listed in the personnel files matched the names of officers who work for the MPD, web searches showed. The files were based on background investigations of job applicants under consideration to be hired by the department.
MPD representatives didn’t reply to questions concerning the authenticity of the transcripts or the present standing of negotiations.
Like virtually all ransomware operators these days, those with Babuk employ a double extortion model, which charges not only for the decryption key to unlock the stolen data but also in exchange for the promise not to make any of the data available publicly. The operators usually leak small amounts of data in hopes of motivating the victims to pay the fee. If victims refuse, future releases include ever more private and sensitive information.
The ransomware attack on the MPD has no known connection to the one that has hit Colonial Pipeline.