Purported Elgin County data posted online by ransomware group: cyber threat expert
Matthew Trevithick reports:
The cybersecurity incident that has left Elgin County’s website and email system down since the start of the month may have been the result of a ransomware attack involving a notorious Russia-based ransomware syndicate, Global News has learned.
A cyber threat expert says data purporting to belong to the county was posted to the website of the ransomware group Conti on Monday, possibly shedding new light on the “technical disruption” that has been plaguing the county for the last several weeks.
Read more at CJOY.
Well, it may have been on Conti’s site on Monday, but a check just now does not find any listing for Elgin County and the news report indicates that it may have been removed Tuesday morning. That could mean one of a number of things — that Conti is updating any data dump for them or that the county has suddenly reached out to try to negotiate something.
A notice on the county’s website today says:
Elgin County Web Services Restored
The County of Elgin experienced a technical disruption from April 1, 2022 – April 27, 2022. During this time, external email and website services were unavailable. If you emailed the County of Elgin between these dates, we did not receive your message. If you tried to reach us during this time, please reach out again by email, phone 519-631-1460 ext. 104, or in person at 450 Sunset Drive, St. Thomas.
It is not clear yet whether Conti exfiltrated any data with personal information.