The hacking group that infiltrated the server of the Metropolitan Police Department (MPD) in late April released a number of records pertaining to DC officers, after it failed to obtain the ransom it demanded.
The Russian-speaking gang, which calls itself the Babuk group, reportedly rejected MPD’s alleged offer to pay $100,000 in response to its threats of releasing stolen data, while the amount it asked for was $4 million.
“The negotiations reached a dead end, the amount we were offered does not suit us,” the hackers said on their website on Monday, May 10. “We are posting 20 more personal files on officers, you can download this archive, the password will be released tomorrow. if during tomorrow they do not raise the price, we will release all the data. You still have the ability to stop it.”
Babuk ransomware has not shutdown their operation. Today they released part 1 (of an unknown number of series) of @DCPoliceDept stating 'negotiations reached a dead end'. Additionally, they have targeted a K-12 school district in Oregon and leaked information on children. pic.twitter.com/orjUlkFIV4
— vx-underground (@vxunderground) May 11, 2021
Among the 250 GB of stolen data are arrests, investigation reports, disciplinary actions, and more.
The Babuk group shared screenshots on Tuesday, May 11 purported to be displaying its negotiations with DC police.
“Our final proposal is an offer to pay $100,000 to prevent the release of the stolen data. If this offer is not acceptable, then it seems our conversation is complete. I think we both understand the consequences of not reaching an agreement. We are OK with that outcome,” said a message appeared to be from MPD, according to The Hacker News.
A Twitter account affiliated with the Babuk group, @vxunderground, said in a tweet that the group’s “operation” on the police department was ongoing, calling the released data “part 1,” and claimed it has also targeted a K-12 school district in Oregon and leaked data on children.
“We are some kind of a cyberpunks, we randomly test corporate networks security and in case of penetration, we ask money, and publish the information about threats and vulnerabilities we found, in our blog if company doesn’t want to pay,” says the group about itself.
The Federal Bureau of Investigation (FBI) is currently investigating the cyber attack.