Al: Mobile County cyberattack shut down systems for 3 days, sparked federal investigation

Yesterday, Al.com reported a ransomware attack on Mobile County, Alabama:

The county, in a statement released to the media Wednesday, confirmed it discovered a malware affecting “certain systems.” The infection occurred last week and prompted the county to shut down its system for about three days, according to Mobile County Commissioner Connie Hudson.

[…]

Broussard declined to say which specific systems were affected.

Last week, the county tweeted a warning about an attack.

The attack was first reported by SuspectFile on May 31 after it appeared on the dark web leak site of threat actors calling themselves Pay or Grief (or Grief — this site STILL hasn’t gotten an answer from them as to their name). But on the leak site, they wrote:

“The network of Mobile County, Alabama was screwed and now we have about 95 GB data from file servers, including internal company documents, personal and HR data. According to our rules we are publishing this data step by step in case if this company will keep silence.”

Unlike threat actors that may negotiate for weeks before adding a victim to their leak site to increase pressure on them, these threat actors added the county on May 27, and then dumped more data on June 3.

As proof, they offered one screencap and two small folders of files that appear to be routine county business.


Editing and additional material by Dissent

 

 

 

 

About the author: chum1ng0

Comments are closed.