Authorities in California are looking into a cybersecurity breach at the Department of Finance after a large ransomware organization claimed to have stolen private information and financial records from the organization.
In a statement released on Monday, the California Office of Emergency Services (Cal OES) called the danger a “intrusion” that had been “discovered via coordination with state and federal security partners.”
There were no specifics on the incident’s nature, those involved, or whether any information had been stolen in the statement. Prior to publishing, the California Department of Finance did not respond to TechCrunch’s inquiries.
LockBit claims to have stolen 76 terabytes of data, including “databases, confidential data, financial papers, certification, court and sexual processes in court, IT documents, and more” according to screenshots from the software.
California’s finance department has until December 24 to meet LockBit’s as-yet unidentified ransom demand. The ransomware group has threatened to release the whole stockpile of stolen data if the agency doesn’t pay.
The U.S. Department of Justice in November indicted a dual Russian and Canadian citizen connected to LockBit over his alleged role in attacks targeting critical infrastructure and major industrial entities around the world. This most recent hack occurred just a few weeks later. At the time, the DOJ alleged that LockBit had claimed at least 1,000 victims in the US and had received actual ransom payments totaling tens of millions of dollars from its victims.
We spoke to number of information security experts on this breach and below are their responses.