The Metropolitan Police Department (DC Police) has confirmed a cyberattack after ransomware operators allegedly breached their systems, leaking screenshots of stolen data. The threat actors said they managed to steal more than 250 GB of data from the DC Police network.
According to the leaked screenshot samples obtained by BleepingComputer, potentially sensitive information about police operations, disciplinary records, gang members’ files were exfiltrated from the department’s systems.
Before this acknowledgment, the Babuk Locker ransomware gang posted a message warning to the law enforcement agency that they have three days to respond to their demands. If no contact is made until the deadline, they will continue to leak confidential data and contact DC-operating criminal gangs to warn them about potential informants.
“Hello! Even an institution such as DC can be threatened, we have downloaded a sufficient amount of information from your internal networks, and we advise you to contact us as soon as possible, to prevent leakage, if no response is received within 3 days, we will start to contact gangs in order to drain the informants, we will continue to attack the state sector of the usa, fbi csa, we find 0 day before you, even larger attacks await you soon,” the ransomware gang said.
It’s not clear if the DC Police has paid the threat actors to prevent the publication of any further information online. However, the department did ask the FBI to investigate how the Russian-based ransomware operators infiltrated their computer network.
“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter,” the Metropolitan Police Department said in a statement to BleepingComputer.