Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Virginia County Confirms Personal Information Stolen in Ransomware Attack

Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack.

The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it.

Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack.

The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it.

The county says that it took steps to contain the attack immediately after identifying it, and that it launched an investigation into the incident, to determine the type of data that might have been compromised.

The investigation revealed that personal information such as names, addresses, driver’s license numbers, and Social Security numbers might have been compromised, the county says in a notification letter sent to impacted individuals, a copy of which was submitted to the Montana Attorney General.

“Although we have no conclusive evidence that the cybercriminal was successful in removing your personal information from Southampton’s server, out of an abundance of caution we wanted to alert you to this matter and provide you with free credit monitoring,” the letter reads (PDF).

Southampton County also confirmed that the threat actor behind the attack has posted some of the stolen data online.

“After Southampton recovered from this incident, a single W-2 form appeared on the dark web with the criminal claiming that they removed sensitive data from the encrypted Southampton server. The server in question held some archived County information,” the letter reads.

In September, the LockBit 3.0 gang boasted on their leaks site on the Tor network about the attack on Southampton County.

Advertisement. Scroll to continue reading.

The ransomware gang has only made public several screenshots showing mostly the names of folders allegedly stolen from the county’s systems. However, the page dedicated to Southampton also displays a ‘destroy all information’ button and a ‘download data at any moment’ button, both with a price tag of $90,000.

Related: California County Says Personal Information Compromised in Data Breach

Related: Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses

Related: Samsung US Says Customer Data Compromised in July Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.