A cyber attack had been conducted on Chatham County, North Carolina back on the 28th of October last year. During that period, an investigation on the computer network revealed that personal information had been posted on the dark web. The hackers have claimed a cyber attack ransom following that.
The computer network had been hit with DoppelPaymer ransomware that found its origination in the network via a malicious attachment on a phishing email. Dan LaMontagne, the County Manager, had revealed this information. In a news release, he has also mentioned that the cyberattack had encrypted much of the country’s network infrastructure alongside the associated business systems. However, the staff were able to isolate the affected systems.
The hacker had sent a cyber attack ransom note where they had demanded 50 Bitcoin (BTC). Currently, the demand’s value is $2.4 Million as Hara Dudley, the County spokeswoman stated in a recent email. She said that the County had straightforwardly rejected the ransom payout.
In the meantime, the staff members are working with the N.C. Attorney General’s Office and the N.C. Department of Health and Human Services to identify the files affected by the data breach. They are also working to notify people whose health information or personally identifiable information might be at risk, as LaMontagne had mentioned to the County commissioners. He also stated that a call center would also be set up for helping them.
“As we know recently on the 8th of February, I discovered that the cyber actors responsible for the theft of information from our servers posted the information on the dark web, and this investigation remains ongoing,” LaMontagne said. “This includes efforts to identify and notify every individual whose personal information may have been impacted.”
The cyberattack had temporarily shut down most of the County functions and access to the services were cut off. The data steal took place from a minimal number of the County systems. However, LaMontagne revealed that the County had not stated what specific data had been compromised.
Last week, the Chatham News and record had reported its finding of sensitive files against the cyber attack ransom probably that consisted of County employee personnel records, Chatham County Sheriff’s Office Investigation documents and eviction notices. These had been posted on the dark web that does not get tracked by the conventional search engines. It proves to be dangerous as they may be used for criminal activities.
The newspaper had accessed the websites bearing digital files utilizing information provided by an anonymous source. The County officials also confirmed that the DoppelPaymer ransomware group had released the sensitive data.
The newspaper report had stated that there were two releases. On the 4th of November last year, “mostly innocuous” files had been uploaded. In January this year. A second upload had been detected that included more sensitive data. The newspaper took screenshots of a website counter that displayed the files had been viewed more than 30,000 times. In a recent news release, the Sheriff named Mike Roberson had mentioned that his employees were affected as well.
“Once the Sheriff’s Office received a tip off regarding the data breach, we acted quickly to notify all victims — mostly our own employees — whose sensitive information was copied from Sheriff’s Office files,” Roberson said.
The staff had to wipe off and re-image the County servers and more than 550 staff computers. He stated that the internet, the office phones, the staff computers and the voicemails are almost recovered. Additionally, they are adding security measures and reinforcing employee training. The staff had also grabbed the opportunity for examining better ways to handle the data.
“The threat from outside individuals in this type of attack is constant, and Chatham County aims to take all reasonable actions to secure our data and infrastructure,” LaMontagne said.
The County officials had mentioned that anyone who thinks that they may have been affected by a cyberattack or a cyber attack ransom, must monitor their accounts for the suspicious activity. They should also consider putting up a fraud alert or in the extreme a security freeze on their credit report.
Source: Government Tech
Disclaimer: Read the complete disclaimer here.