A ransomware group has threatened leaking sensitive data belonging to the D.C. Metropolitan Police Department, including identities of undercover agents. Plus, ransomware takes a Liverpool rail service offline. That and more in this week’s Cyber News Rundown.
Lockbit ransomware takes down Merseyrail train network
The rail network that operates in the Liverpool City Region of England recently fell victim to a Lockbit ransomware attack that spoofed an email from Merseyrail’s Director to all employees. To feign legitimacy, the email contained misinformation about the attack itself and images showing personally identifiable information on numerous employees. Little information has been revealed about the attack and Merseyrail is still conducting an internal investigation.
Wyoming Department of Health suffers data breach
Nearly 25% of Wyoming’s citizens may be affected by a data breach that occurred when an employee uploaded sensitive medical files to a public GitHub repository. The data has been publicly available since November 2020 and contains a significant amount of personally identifiable information, including medical test results. Officials for the Department of Health have begun contacting affected citizens and are offering identity monitoring services for one year.
Survey: Paying ransoms doesn’t pay
With ransomware attacks continuing to plague large corporations and demanded ransoms doubling in over the past, most victims who pay out are not receiving all their data back. In fact, in a global survey of IT decision makers, only 8% of ransomware victims reported the full return of their stolen or encrypted data, with 29% reporting receiving roughly half back. While these corporations may not have paid the entire initial ransom, the average amount paid is roughly $170,000, well below the typical initial demand of over $1.5 million.
Ransomware group threatens Metropolitan PD with data leaks
Following a ransomware attack on Washington D.C.’s Metropolitan PD, the ransomware group responsible is issuing demands in exchange for not leaking sensitive police data. The Babuk Locker group is believed to have stolen nearly 250GB of unencrypted files including identities of police informants and local gang affiliates. The group has warned that, along with a three-day limit of the ransom payment, they will begin contacting gangs and outing informants or officers running undercover operations.
Data breach exposes musicians’ data from Reverb.com
Sensitive contact information for a number of major musicians was exposed in a data breach targeting an unsecured database belonging to Reverb.com. The site sees more than 10 million visitors per month looking for new and used music merchandise, many of whom may be affected by the data leak and had personal and payment information exposed. Users of the site should be wary of emails from Reverb, as they may be used to steal additional information.