The disclosure of the sensitive records of the Azusa Police Department being hacked by the hackers revealed something big about the insurance ransom payment. The city officials have lately acknowledged that they had experienced another hefty ransomware attack. They have also mentioned that they hid the information from the public for about two years.
The public has also come to know that in the fall of 2018, the police department had provided an insurance ransom payment of $65,000 via its cybersecurity insurance carrier. The unknown hacker organization had taken into hostage 10 data servers at the police department. On Thursday, the Azusa City Manager named Sergio Gonzalez had mentioned.
“We were able to unlock one server after the ransom was paid but immediately after found a free key to unlock all other locked servers,” Gonzalez said in an email. “No information was compromised. Our servers were just locked. We verified with forensic experts that no data was compromised. That’s essentially why we did not and were not required to report it (publicly).”
The 2018’s breach apparently had been caused by a virus that had been unleashed. This happened after a city employee had opened a link or an email. The forensic experts had wiped, cleaned and restored the servers before making them go online after the interruption. Additionally, the city employees had also received computer security training and updates to the software and virus protection were supplied.
The Azusa Police Department mentioned that it was taking steps to improvise its security, while advising in its release for the data compromised individuals. Unfortunately, these precautions were not that effective and could not prevent the latest cyber attack at the Azusa police department leading to insurance ransom payment. The recent cyber hack was discovered on the 9th of March and publicly reported on the 27th of May, 2021.
The attack had been perpetrated by the DoppelPaymer ransomware. DoppelPaymer is a notorious ransomware gang that is better known for extorting victims and then publicizing their sensitive information on the dark web. The gang only releases the sensitive information if the victim refuses to ray the ransom. The ransomware gang is the one amongst the several other rogue hacker groups that had crippled the U.S. and foreign industries. This ransomware group has also been held responsible for crippling JBS S.A (largest meat producer in the world) and Georgia-based Colonial Pipeline.
The ransomware gang had demanded 10.33 Bitcoin (BTC) followed by a raise in the ransom to 15.5 Bitcoin. At that time it amounted to around $800,000, Gonzalez revealed.
“In consultation with incident response partners, including federal law enforcement, the department ultimately declined to participate in any ransom payment,” said Gonzalez, adding he could not disclose the type of information that was compromised due to an ongoing criminal investigation.
With the cross of the deadline for ransom payment and that the hackers did not receive it, they had posted to their website the hacked information of the police department. They had posted information like the jail records, Azusa police evidence records and several other data including the payroll information. The leaked information bore 11,835 views as of Friday.
The compromised records might have also included the Social Security Numbers (SSNs), California identification cards, driver’s license, military identification numbers and passports. Police said that additionally there might be medical, health insurance information and financial details leaked that were collected via an automated license plate.
Gonzalez mentioned that the latest hack is quite troubling.
“These types of attacks are becoming more and more common and, to a certain extent, much more sophisticated,” he said. “We are again working to ensure we have the best cyber defense. We have also brought in additional resources by contracting with cybersecurity experts to rebuild our entire system from top to bottom, including upgraded servers, software and anti-virus programs and a more robust backup system.”
To address any question people might have, the Azusa Police have established a dedicated assistance number. The number can also be used to provide credit monitoring services to the potentially affected mass. The assistance line can be reached at 855-535-1860 from 6 am to 6 pm on the five working days.
Source: Pasadena Star-News
Disclaimer: Read the complete disclaimer here.