
Georgia county voter information leaked by ransomware gang


The DoppelPaymer ransomware gang has released unencrypted data stolen from Hall County, Georgia, during a cyberattack earlier this month.

On October 7th, Hall County in Georgia announced that they had suffered a ransomware attack that impacted their networks and phone systems.

At the time, Hall County stated that there was no indication that the hackers had stolen any unencrypted data before performing the attack:



"At this time, there is no evidence to show that citizen or employee data has been compromised. However, citizens and employees are encouraged to take precautionary measures to monitor and protect their personal information," Hall County stated.

Hall County data leaked by threat actors

Today, the DoppelPaymer ransomware gang published a little over 1 GB of unencrypted files stolen from Hall County computers and claims to have encrypted 2,464 devices during the attack.
The leaked data includes 911 spreadsheets, election documents, lobby comment cards, and accounting and financial records.


The election documents reviewed by BleepingComputer contain ballot proofs, poll worker lists, administrative documents, accounting and financial records, and city bulletins. Also included are voter registration records containing each resident's voter registration ID, full name, address, and assigned ballot, which is, for the most part, public information.

BleepingComputer has been told that at least one document contained a voter's social security number.

While most of the information released as part of this leak is public info, the data can be used in targeted phishing attacks or even for voter intimidation.

Last week, the US government disclosed that Iran was behind voter intimidation emails sent to Democrats in Florida and Alaska that pretended to be from the far-right Proud Boys group.


News Source @ Bleepingcomputer
