Hackers Steal Washington, D.C. Police Files, Threaten to Release Data
Washington Metropolitan Police Department chief Robert Contee speaks during a news conference after a car crashed into a barrier on Capitol Hill near the Senate side of the U.S. Capitol in Washington, Friday, April 2, 2021. AP Photo/Alex Brandon
Connecting state and local government leaders
Ransomware threats are nothing new to local governments, but experts say this one poses significant risk to officers and ongoing investigations.
Hackers stole personnel files of Washington, D.C. police officers, the city’s police chief confirmed after the hacking group briefly posted a portion of the information online and threatened to release additional stolen data.
Ransomware threats are nothing new to local governments, which have been targeted by hackers in a number of high-profile attacks in recent years. But cybersecurity experts said the theft and threat to publicly release stolen police data poses a unique and significant risk to both officer safety and ongoing investigations.
The hacking group Babuk claims it stole 250 gigabytes of data from the Metropolitan Police Department, including personnel files and identifying information on confidential informants, according to initial reports on the cyberattack. The group posted personnel files, including background investigative documents for several officers, on its website temporarily, according to NBC News, which confirmed the authenticity of the information with one of the officers.
“The possibility of this data becoming public could be devastating depending on what information the criminals have,” said Brett Callow, an analyst for the cybersecurity company Emsisoft, who has been tracking the hack. “It could put officers in danger.”
MPD Chief Robert Contee sent a department-wide email Wednesday alerting officers that human resources files with personally identifiable information were taken in the hack.
“As we continue to determine the size and scope of this breach, please note that the mechanism that allowed the unauthorized access was blocked,” Contee wrote. “We are working to identify all impacted personnel, who will be contacted directly with additional guidance.”
The city’s Office of the Chief Technology Officer and federal investigators are working with the department to determine the scope of the cyber intrusion. Officials have not said how the police department data was accessed or whether the city is negotiating with the hacking group.
Hackers are increasingly demanding more money from local governments to resolve ransomware attacks. The Federal Bureau of Investigations advises victims of ransomware attacks not to pay ransom fees as there is no assurance as to what hackers will do with the stolen data once a ransom is paid.
The Babuk group appeared Friday to back off its threat to release the stolen data, posting a message on the dark web that said it would instead make its malware source code available for others to use.
Regardless of what happens with the stolen D.C. police data, the breach poses a secondary danger in that it could undermine the level of trust that citizens have in their local police department to keep records confidential, said Alan Shark, the executive director of the Public Technology Institute, which offers cyber security training to local governments.
“This may make people think about what they put in writing and put in official records,” Shark said. “If there is a further lack of trust in our public institutions and their ability to keep and secure records, it will have a chilling on effect on so many levels.”
“They are going to pay a price one way or the other,” Shark said.
Andrea Noble is a staff correspondent with Route Fifty.
NEXT STORY: 4 Ways States Can Mitigate K-12 Student Learning Losses