Albemarle County, Virginia, has pinpointed the cybercriminal group responsible for a significant ransomware attack that disrupted internet access in local government offices this past June. The county's spokeswoman, Abbey Stumpf, confirmed that the gang known as INC Ransom was behind the malicious cyber incident.
"The attack that we described before as a cybersecurity incident turned out to be a ransomware attack," said Stumpf. This clarification came exactly one month after the attack, which began on the evening of June 10.
"The attack that we described before as a cybersecurity incident turned out to be a ransomware attack,"
INC Ransom, which has been linked to Russia, has gained notoriety for its extortion tactics, which include stealing sensitive information and threatening to leak it unless a ransom is paid. The group has targeted various sectors since its emergence in July 2023, with over 230 reported attacks affecting hospitals, educational institutions, technology firms, and government agencies.
In a statement, Stumpf remarked, "The ransom was not paid to the cybercriminals," stressing that while the personal data of county residents and employees likely was accessed, there is currently no indication that this information is being used for any malicious purposes.
"The ransom was not paid to the cybercriminals,"
By the Numbers
By the Numbers
By the Numbers
She further elaborated, "The data that was illegally accessed may include information, including name, date of birth, Social Security numbers, and other similar identifiers." However, Stumpf added that evidence suggests only data from local servers was compromised, without any breach to cloud-based systems.
Impact and Legacy
Impact and Legacy
While the investigation continues to assess the attack's full impact, it appears likely that data from both local government and public school employees was affected. In contrast, the status of resident data remains less certain, with Stumpf stating it only 'may' have been compromised.
Despite this ongoing investigation, questions remain unanswered regarding when affected individuals will be notified of any data breaches. Stumpf refrained from commenting on the timing of such notifications or the county's decision to delay disclosing the incident's nature for over a month.
According to Stumpf, the county's team was aware of the ransomware specifics the morning of June 11 and had acted quickly to alert several federal and state agencies, including the FBI, the Cybersecurity and Infrastructure Security Agency, and the Virginia State Police Cyber Fusion Center.
Looking Ahead
Albemarle County has thus far provided limited public commentary since the attack, maintaining a tight lid on information as investigations progressed. As county officials sift through the details surrounding this cybersecurity incident, they seek to clarify the full scope of what data may have been exposed and how to bolster defenses against future attacks.
As for the county's next steps, an ongoing investigation will help determine additional actions for securing the integrity and security of its digital infrastructure. The experience from this cyber incident serves as a poignant reminder of the vulnerabilities that modern governance faces in an increasingly connected world.