Tuesday, February 27, 2024

TO PAY OR NOT TO PAY

New ransom deadline in Fulton County cyberattack, officials confirm

Fulton County officials confirmed a cybercriminal group claiming responsibility for the cyberattack against county servers has set a new ransom deadline.

 

Feb. 26, 2024


Fulton County Faces New Ransom Demand as LockBit 3.0 Cyberattack Saga Continues


ATLANTA, Ga. - The cybercriminal group who claimed responsibility for hacking Fulton County government servers last month has posted a new ransom deadline, county officials confirmed Monday.

The multinational ransomware gang LockBit 3.0 is threatening to release sensitive information it said it obtained from the cyberattack if county officials don’t pay the ransom.

Fulton County officials believe the personal data of citizens may have been leaked, but they have a plan in place if compromising information is released, they said.

Atlanta News First has confirmed with cybersecurity sources who’ve seen the published threat on a dark web portal that LockBit 3.0 is calling for the county to meet its demands by 8:39 a.m. Thursday.

“In anticipation of any potential leak of stolen data, we are collaborating with internal and external agencies to ensure individuals who may be affected by the release of any highly sensitive documents are provided resources and support,” county spokesperson Jessica Corbitt said in a statement Monday.

“We are already actively working in partnership with local, state, and federal officials and law enforcement and will continue to do so as this situation evolves,” Corbitt added.

The Jan. 28 cyberattack has left several Fulton County government services unavailable for weeks.

The group previously set a deadline for early in the morning of Jan. 16 for county leaders to pay a ransom, threatening to release sensitive information if they didn’t.

Soon after the initial deadline passed, Fulton County Commission Chairman Robb Pitts said a dark web site believed to be operated by LockBit 3.0 was disrupted by the FBI and its international allies.

Pitts said the county did not pay any ransom and that officials were unsure if the public’s data was compromised.

County commissioners approved a request for a $10 million plan for upgrades of their internal software system following the attack.

Corbitt said county officials learned over the weekend that LockBit 3.0 reestablished a site on the dark web and “once again listed Fulton County as one of their victims, with a renewed threat to release purportedly stolen data.”

Corbitt said the county’s “focus remains on safely restoring services for our citizens and we continue to work in close coordination with law enforcement.”

County leaders are working with cybersecurity experts to determine what data may have been stolen, which involves an “extensive review process,” Corbitt said.

“This thorough and comprehensive review may take some time,” Corbitt said. “If we determine that peoples’ personal information was involved in this incident, we will make all legally required notifications and provide them with resources to help protect their personal information.”

1 comment:

Anonymous said...

By the time any warning about personal info has been received, it will be too late. Be prepared. Canned goods, water, cash, and stay strapped.