Police departments are
interesting. In business operations, you have business data, customer data, and
other points to secure. Police departments do have their operational information
but these places also hold a treasure trove of data on the crimes in their area
(i.e. evidence). This can be on the persons arrested, the crime, crime scene,
and associated data. In addition, the police provide critical service for the
area they serve.
Due to these factors, police
departments have and continue to be targeted. If simply breaking in isn’t
enough of an effort, encrypting or exfiltrating their data can be costly to the department. The Azusa police department recently felt the ransomware sting as
the department fell victim to this.
The department announced on
May 28, 2021 the issue as being compromised by the ransomware attack. The
attackers gained access to the data located in the department’s systems. The
department did not pay any ransom or fee. The details have not been provided.
From the published information, the ransom was based on releasing information
versus encrypting the systems.
The data accessed does appear
to be PII, unfortunately. In this case, the attackers appear to have access the
social security numbers, driver license numbers, California identification
numbers on financial accounts or health insurance. The police department
recommended to the parties effected to monitor their credit reports, statements
for their accounts, and other information for any unusual or suspicious
activity.
This is another example of
the far-reaching effects of ransomware. Granted the police department was not affected much, however, the persons permanent and long-term information was. If
the data was used for unauthorized purposes, correcting this can be difficult
and time consuming, not to mention frustrating.
No comments:
Post a Comment