A ransomware gang that hacked the District of Columbia’s Metropolitan Police Department (MPD) in April posted personnel records on Tuesday that revealed highly sensitive details for nearly two dozen officers, including the results of psychological assessments and polygraph tests; driver’s license images; fingerprints; Social Security numbers; dates of birth; and residential, financial, and marriage histories.
The data, included in a 161MB download from a site on the dark web, was made available after negotiations broke down between members of the Babuk ransomware group and MPD officials, according to screenshots purporting to be chat transcripts between the two organizations. After earlier threatening to leak the names of confidential informants to crime gangs, the operators agreed to remove the data while they carried out the now-aborted negotiations, the transcripts showed.
“This is unacceptable”
The operators demanded $4 million in exchange for a promise not to publish any more information and to provide a decryption key that would restore the data.
“You are a state establishment, take care of your info with respect and feel about their cost,” the operators said, according to the transcript. “They cost even more than 4,000,000, do you comprehend that?”
“Our final proposal is to give to shell out $100,000 to reduce the release of the stolen information,” the MPD negotiator ultimately replied. “If this provide is not appropriate, then it appears our discussion is entire. I assume we realize the consequences of not reaching an agreement. We are OK with that final result.”
“This is unacceptable from our side,” the ransomware representative replied. “Follow our site at midnight.”
A post on the group’s website said, “The negotiations reached a dead end, the amount we were offered does not suit us, we are publishing 20 more personal files on officers.” The 161MB file was password-protected. The operators later published the passphrase after MPD officials refused to raise the price the department was willing to pay.
A few of the names listed in the personnel files matched the names of officers who work for the MPD, web searches showed. The files were based on background investigations of job applicants under consideration to be hired by the department.
MPD representatives did not respond to questions about the authenticity of the transcripts or the current status of negotiations.
Like virtually all ransomware operators these days, those with Babuk employ a double extortion model, which charges not only for the decryption key to unlock the stolen data but also in exchange for the promise not to make any of the data available publicly. The operators typically leak small amounts of data in hopes of motivating the victims to pay the fee. If victims refuse, future releases include ever more private and sensitive information.
The ransomware attack on the MPD has no known connection to the one that has hit Colonial Pipeline.