
Ransomware gang releases DC police records


A group of ransomware hackers leaked internal police files from Washington, D.C.’s Metropolitan Police Department (MPD), releasing officers’ personal information including psychological evaluations, credit history and Social Security numbers.

Vice reports that the cyber criminal group behind the leak is called Babuk, which claimed the monetary offer the department made to prevent the leak was not enough.

“The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers, you can download this archive, the password will be released tomorrow,” the group wrote on its website, according to Vice. “If during tomorrow they do not raise the price, we will release all the data.”

The leaked information also included polygraph tests, social media posts, employment history, financial liabilities and scanned copies of officers’ driver’s licenses.

“Yesterday, approximately 20 members’ information was released through the access obtained from MPD’s network by unauthorized parties,” MPD told The Hill. “Additionally, [MPD Chief Robert Contee] sent an email last week to all MPD members with instructions on how to sign up for a credit monitoring service. There is no further information available to provide at this time.”

Babuk first claimed to have stolen 250 GB of information from the department in late April, a breach that was confirmed by the department.

“We are aware of unauthorized access on our server,” a spokesperson told Vice at the time. “While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.”

Vice notes that Babuk’s operation differs from other ransomware schemes that operate by encrypting files and demanding a ransom in exchange for unlocking them. Instead, Babuk stole the data and threatened to release it unless a ransom demand was met.

Another ransomware hacking group, DarkSide, demanded a ransom after carrying out a cyberattack on Colonial Pipeline and shutting down 5,500 miles of pipeline that supplies much of the East Coast’s fuel. It is not clear if Colonial paid a ransom to the group.

On its official page regarding ransoms, the FBI advises ransomware victims against paying demands, Vice notes.

“The FBI does not support paying a ransom in response to a ransomware attack,” the agency advises. “Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”

–Updated on May 12 at 9:40 a.m.


Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.