The hackers, who infected about 10,000 of Baltimore city government’s computers last month, have allegedly leaked government documents on Twitter. It’s believed that an unknown Twitter account, which is claimed to be owned by the hacker group, has been used to leak the sensitive documents, the Baltimore Sun reported.
The officials of Baltimore and federal authorities stated that they’re investigating the documents posted by the attackers. One of the documents that hackers leaked included a detailed assessment of a woman’s medical history, the officials said. The authorities also clarified that there’s no evidence that any personal data misused in the incident.
On May 7, 2019, several of the Baltimore city services were halted after a ransomware attack hit city computers. The hackers infected about 10,000 of Baltimore city government’s computers with ransomware called RobbinHood. The attackers asked the city officials pay 13 bitcoins (about $100,000) to release the city’s systems, warning that price would go up every day after four days, and after the tenth day, the affected files would be lost permanently.
“We’ve been watching you for days and we’ve worked on your systems to gain full access to your company and bypass all of your protections,” the ransom note read. “We won’t talk more; all we know is MONEY. Hurry up! Tik Tak, Tik Tak, Tik Tak!”
The authorities stated the attack taken the Baltimore city government hostage. The city government can’t access email accounts, parking fines database, process payments to employees and the citizens remain unable to make utility payments, property taxes, and vehicle citations.
In a similar incident, the Los Angeles Times and several Tribune Publishing newspapers recently faced printing and delivery issues after encountering a cyber-attack that reportedly involved a ransomware. The Associated Press quoted the Chicago Tribune reporting that the publishing and printing systems of several Tribune Publishing newspapers were affected due to a computer virus. The Los Angeles Times reported that some people said the attacks appeared to be in the form of Ryuk ransomware.
The Chicago Tribune’s print edition on Saturday, December 29, 2018, was published without paid classified ads and death notices due to the attack. However, the publisher clarified that no customer and financial information was leaked.