Secplicity - Security Simplified

Powered by WatchGuard Technologies

DC Police Alleged Victim of Double-Extortion Ransomware Attack

May 6, 2021 By Ryan Estes

Another day, another breach. This time, though, the victim is the Metropolitan Police Department in Washington D.C., and the breach was induced by double-extortion ransomware known as Babuk. The group behind the attack, the Babuk Ransomware Group, hosts a webpage of its leaks, and the DC Police is the most recent addition. The original leak post went up on April 27th, 2021, and in it the group claims to have stolen more than 250 GB of data. The post included a few screenshots of internal reports, mugshots of arrested persons, other sensitive files, and network share drives, along with a short message indicating that the DC Police had 3 days to pay the ransom before the files would be released publicly. The group released several screenshots indicating that its access to the department's network was genuine. A few of those screenshots can be seen blurred below.

However, the very next day, on April 28th, 2021, a second post appeared on the group's website indicating it was the DC Police’s “last warning” before sensitive information would be leaked. This short post included a screenshot of several folders named after various officer ranks, a download link to the sensitive files, and a short message: “We make one last warning for the police deportation, and we start with a small officer leak.” A blurred image of that webpage can be seen below.

Truth be told, as I was finishing this updated article about the second post by the Babuk Ransomware Group, the two posts described above vanished from their Leaks website. Therefore, all we are left with is the assumption that either the group removed the information for an arbitrary reason, or the likely scenario – the DC Police may have possibly paid the ransom to get their data back. There is no evidence to support those assumptions, though. If there is further information on this developing story, it will be updated below.

Filed Under: Editorial Articles Tagged With: data breach, double-extortion ransomware, ransomware
