LockBit removed Fulton County from its leak site once a deadline passed for a ransom payment to keep the hacking group from releasing data it claimed to have stolen from government servers.
Krebs on Security told Rough Draft that the hacking group had removed the county from its site, but did not know if that meant they were getting ready to publish any of the data.
“Over the weekend, we became aware that the LockBit ransomware group re-established a site on the dark web and have once again listed Fulton County as one of their victims, with a renewed threat to release purportedly stolen data,” a statement from Fulton County earlier this week said. “Our focus remains on safely restoring services for our citizens and we continue to work in close coordination with law enforcement.”
The Atlanta Journal-Constitution reported on Saturday that a new countdown was set to release those documents, which is counting down to 8:49 a.m. on Thursday, Feb. 29. After that deadline passed the Fulton County posting on the LockBit site was removed.
Fulton County still doesn’t know what data the LockBit group may have accessed, the statement said. The county is working with cybersecurity experts to determine what data may have been stolen, and to get a better understanding of what information may be involved.
“If we determine that peoples’ personal information was involved in this incident, we will make all legally required notifications and provide them with resources to help protect their personal information,” the statement said.
Rough Draft Atlanta reported on Feb. 20 that the U.S. Justice Department in collaboration with other international law enforcement agencies had shut down much of LockBit’s dark website, which included information about Fulton County.
The county continues to work in partnership with local, state, and federal officials and law enforcement.
Fulton Commission Chair Robb Pitts said in a press…
Read the full article here