The Metropolitan Police Department has confirmed a ransomware attack in which hackers stole sensitive data. Following the breach, Babuk ransomware gang said they had compromised the DC Police’s networks and stolen 250 GB of unencrypted files. The hackers posted screenshots of stolen data to prove their catch forcing the police to acknowledge the breach.
The Metropolitan Police Department is the primary law enforcement agency operating in Washington, DC, USA.
Babuk is a relatively new ransomware gang first detected in 2021 that has impacted at least five big enterprises.
The DC Police revealed that hackers breached a server and that the FBI is investigating the incident.
“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter,” Metropolitan Police Department told BeepingComputer in a statement yesterday.
Babuk hackers posted screenshots of folders they claim to have stolen during the attack. According to BeepingComputer, judging by the folder names they contain files related to operations, disciplinary records, and files related to gang members and “crews” operating in DC.
The Babuk gang drew special attention to a file that seems to be related to arrests linked to the January 6th protest and storming of the Capital Building.
The ransomware gang warned they would start contacting gangs and warning them of police informants if the DC police don’t contact them to negotiate a ransom in 3 days.
“Hello! Even an institution such as DC can be threatened, we have downloaded a sufficient amount of information from your internal networks, and we advise you to contact us as soon as possible, to prevent leakage, if no response is received within 3 days, we will start to contact gangs in order to drain the informants, we will continue to attack the state sector of the usa, fbi csa, we find 0 day before you, even larger attacks await you soon,” stated the Babuk ransomware gang on their data leak site.