Ransomware, Cloud Security, Data Security

LockBit-leaked DC city agency data from third party

Hacker attack computer hardware microchip while process data through internet network, 3d rendering insecure Cyber Security exploit database breach concept, virus malware unlock warning screen

Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Tyler Technologies confirmed that an isolated portion of its private cloud hosting environment containing data from STAR system clients, including DISB, was compromised last month, allowing the exfiltration of personally identifiable information.

"…[O]ur security and technical support teams began working to restore system access in a safe and secure manner. Known, good (immutable) backups were available, and recovery of the application environment and associated data have been a focus for Tyler since we discovered this situation. Our investigation found that a threat actor encrypted the system and acquired data," said Tyler Technologies, which dismissed the link between the latest incident and a data breach in September 2020.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.