The LockBit ransomware gang claims to have stolen 76Gb from the California Department of Finance and is threatening to leak the stolen data if the victims will not pay the ransom by December 24.
On December 12, the California Department of Finance confirmed the security incident with a statement.
“The California Cybersecurity Integration Center (Cal-CSIC) is actively responding to a cybersecurity incident involving the California Department of Finance.” reads the statement. “The intrusion was proactively identified through coordination with state and federal security partners. Upon identification of this threat, digital security and online threat-hunting experts were rapidly deployed to assess the extent of the intrusion and to evaluate, contain and mitigate future vulnerabilities. The response effort includes multiple public and private agencies including the partners who make up the Cal-CSIC: the Governor’s Office of Emergency Services, Department of Technology, California Military Department and California Highway Patrol.”
The group added the US agency to the list of victims published on its Tor leak site. The LockBit ransomware gang claims to have stolen databases, confidential data, financial documents, certification, court and sexual proceedings in court, IT documents and more.
The images published by the gang as proof of the hack include spreadsheets containing financial data, a contract, 2022 budget details, and more.
LockBit is currently one of the most active and dangerous ransomware operations, it is responsible for the majority of ransomware attacks conducted in 2022.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, California)