“No data leak signals have been detected.” Unfortunately for the Loiret department, this observation could well be refuted very quickly. Because the community, victim of a computer hack at the beginning of November, has just been blacklisted on the LockBit cybercriminals’ site.
The latter in fact claim to have stolen 240 gigabytes of data from the department’s information system. The latter’s teams “are mobilized to verify this hypothesis, its veracity and characterize the nature of this data”, he underlines.
Countdown
Hackers are now demanding the payment of a ransom, without a specified amount, not to disclose the allegedly stolen data. The countdown to the extortion attempt expires on November 25. A request which will certainly not be met, the community having filed a complaint.
This worsening of the situation, if the hackers’ assertions prove correct, illustrates the difficulties for a victim to communicate at the start of a computer crisis. You have to say enough to inform the public but not get too far ahead, when the technical fog can be very important, to avoid being contradicted later.
Limited data loss
Small consolation for the department: the servers, “after having been assessed all last week, are once again accessible to services”, explains the community. “The loss of data updates is thus very limited, thanks to an effective daily backup system,” she adds.
According to a report from seven cybersecurity agencies, including the French Anssi, the LockBit cybercriminal franchise is responsible for 11% of ransomware attacks tracked since 2020. The gang, which has just claimed to have hacked the aeronautics giant Boeing, information to be taken with a grain of salt for the moment, for example targeted the company Voyageurs du monde in June.
A company which also initially believed that it had not lost control of customer data, an observation unfortunately subsequently denied.