PENSACOLA, Fla. (WKRG) — More than two weeks after the City of Pensacola was the victim of a cyberattack, a ransomware group has posted what it alleges is proof it has obtained city data.
Cyber criminals behind Maze ransomware posted Monday to its website two gigabytes of data, including 1,700 documents. These documents include timesheets, contracts, budgets and payrolls.
The group states on its website that the time sheet information is “ONLY 10% OF TOTAL INFO WE HAVE, ALL IN GISWEBENT ARCHIVE!!!”
It lists Pensacola as one of its victims failing to cooperate with its demands. Pensacola did not pay a ransom.
“Represented here companies dont wish to cooperate with us, and trying to hide our successful attack on their resources,” the post said. “Wait for their databases and private papers here. Follow the news!”
City of Pensacola spokeswoman Kaycee Lagarde confirmed to News 5 the city is aware of these claims by the Maze group.
However, Lagarde said, “there has not been any confirmation that any personal information has been compromised.”
Mayor Grover Robinson addressed the cyberattack Monday at his weekly press conference.
Robinson confirmed that some data was accessed during the cyberattack, but emphasized there had not been confirmation that any personal data was taken.
Robinson said “out of an abundance of caution,” the city would be notifying active employees, pensioners, active customers and housing clients about a potential data breach from the cyberattack.
The city will be offering identity protection services to about 60,000 individuals potentially affected by the attack for a 12-month period.
Brett Callow, a threat analysis with Emsisoft, told News 5 he has looked over the documents included in the Pensacola Maze data dump. Callow said from the documents he’s seen, it looks like personal information has been obtained, and those affected could be at great risk for identity theft.
“What people need to realize is that any personal information they have given to the city of Pensacola could be in the hands of an identity thief,” Callow said.
Lagarde said the city can’t provide additional details about specific data that was accessed due to the active criminal investigation.
The FBI is investigating the cyber attack. The city is also paying global professional services company Deloitte $140,000 to find out how the attack happened and what the city should do next.
- Alabama EMA, state troopers ready for latest tropical system
- 5 Things to do This Weekend for June 18th-20th
- Theodore High School severe weather shelter opening today at 5 p.m.
- Cooking with John: Moe’s BBQ Tomato and Watermelon salad
- Mississippi governor announces COVID-19 State of Emergency to end in August