PRESQUE ISLE, Maine — Ransomware hackers made good on a threat to release sensitive data from the Presque Isle Police Department if an undisclosed amount was not paid.
Nearly 200 gigabytes of data, including 15,000 emails and police reports and witness statements from the 1970s to the present, were published by an unidentified ransomware group to the Avaddon leak site on the dark web, according to a June 7 report by the website Distributed Denial of Secrets, a non-profit journalism collective that tracks and releases hard-to-access public data.
About 10 percent — 20 gigabytes — of the published cache is the police department’s music collection, the website said.
The Presque Isle cyberattack is one of many recent global data hacks on municipalities, schools, universities and seemingly random businesses. And in the past month, cybercriminals have hit many high-profile targets like the Colonial Pipeline, U.S.-based food processor JBS and Ireland’s health service, crippling their operations.
On Wednesday, JBS admitted paying an $11 million ransom following an attack that shut down several plants. And Colonial Pipeline officials are still grappling with an attack that shut down 5,500 miles of gas pipeline that supplies much of the eastern U.S.
News of the Presque Isle ransomware attack first surfaced in mid-April at nearly the same time as the Metropolitan Washington D.C. Police Department data was being held ransom for about 250 gigabytes of stolen data that was later released as well.
Initially, the Avaddon Ransomware-related cybergang gave the Presque Isle Police Department 10 days to pay up, threatening to begin dumping the files on the dark web if police did not comply.
City officials reported the unauthorized access into the police department server to the FBI and they were able to restore the data from a daily backup, City Manager Martin Puckett said in April, declining comment on the city’s plans to pay or not.
Puckett did not respond this week to messages regarding the impact of the data release and whether the city has taken new computer security measures.
The FBI tells ransomware victims to not pay the ransom, FBI Boston Division spokeswoman Kristen M. Setera said, adding that this is a persistent problem and her office receives two to three reports a week of ransomware attacks in Maine.
During 2020, the FBI’s Internet Crime Complete Center reported seven Maine ransomware attack victims with about $95,178 in reported losses.
Two years ago, Augusta’s city server was hit with a ransomware attack. City officials refused to pay the $100,000 ransom and instead, the city rebuilt its system.
Ransomware is frequently delivered through phishing emails that contain malicious attachments or links to malicious websites. Once the victim’s device is infected with ransomware, the files become encrypted and the data owner is no longer able to access their own data. The criminal then demands the payment of a ransom to get the files returned.
These ransomware attacks are what experts call double extortion schemes that not only hold the data hostage, but after a specified time, they also threaten to dump all the stolen files onto a dark website for anyone with access to read.
When the Presque Isle Police Department ransom clock dramatically ran out at the end of April, the cybercriminals did not immediately release the data, extending the time to get a ransom paid.
It is still not known if Presque Isle paid any ransom to the cybercriminals.