BlackByte ransomware claims responsibility for Augusta city cyberattack

The city of Augusta in Georgia, USA has confirmed that the latest computer system outage was caused by unauthorized access to its network.

The administration has not disclosed the nature of the cyberattack, but ransomware gang BlackByte has released the city of Augusta as one of its victims.

Augusta is Georgia’s second largest city after Atlanta, and its metropolitan area has a population of over 611,000.

The city explained on its online portal that it began to “experience technical difficulties” on Sunday May 21, which disrupted some of its computer systems.

The announcement clarifies that this incident is not related to the computer system failure that occurred the previous week.

An investigation has been launched to determine the full impact of the cyberattack “and to restore full functionality to our systems as soon as possible”.

It is unclear at this time if the threat actors managed to access or steal sensitive data.

“Augusta’s Information Technology Department continues to work diligently to investigate the incident, to confirm its impact on our systems, and to restore full functionality to our systems as soon as possible,” the report said. city ‚Äč‚Äčannouncement.

“We continue to investigate sensitive data, if any, that may have been impacted or accessed.”

A statement from Garnett Johnson, the city’s mayor, also clarifies that recent media reports of Augusta being held hostage for a $50 million ransom are false.


BlackByte Extortion

BlackByte posted the city of Augusta on its extortion site, claiming responsibility for the recent attack.

BlackByte main page
BlackByte main page (BleepingComputer.com)

The threat actors even created a pop-up to highlight their latest victim to all visitors to the site, warning the city administration that “time is running out” and asking them to get in touch.

BlackByte claims to have troves of sensitive data stolen from Augusta’s computers and leaked a 10GB sample of data as evidence of their breach.

The leaked documents seen by BleepingComputer contain payroll information, contact information, personally identifiable information (PII), physical addresses, contracts, city budget allocation data, and other types of details.

Sample data leaked by BlackByte
Sample data leaked by BlackByte (Computer Beep)

It is important to emphasize that the origin and authenticity of the leaked data have not been verified.

The ransom demanded for the deletion of the stolen information is $400,000. The BlackByte ransomware gang also offers to resell the data to interested third parties for $300,000.

There have been several ransomware attacks in major cities across North America this year. In most cases, they have disrupted the provision of essential services to citizens.

In February, the city of Oakland in California suffered a ransomware attack of gang playforcing him to declare an emergency. In March, another ransomware group, LockBit, claimed a second attack over the city of Oakland.

At the end of March, the city of Toronto, Canada, was hacked by Clop ransomware gang which exploited a GoAnywhere zero-day vulnerability for initial system access.

More recently, in May, the city of Dallas, Texas was attacked by Royal ransomware groupforcing the metropolis to shut down many of its computer systems to contain the infection.


Source link