Virginia's Southampton County has disclosed being impacted by a ransomware attack in September that may have compromised personal data, SecurityWeek reports.
Attackers infiltrated the county's server and proceeded to encrypt stored data, which may include personal information, such as names, addresses, Social Security numbers, and driver's license numbers, said the county in the breach notification letter that was also sent to the Montana Attorney General's office.
"After Southampton recovered from this incident, a single W-2 form appeared on the dark web with the criminal claiming that they removed sensitive data from the encrypted Southampton server. The server in question held some archived County information," Southampton County said in the letter.
The ransomware attack against the Virginia county has been claimed by the LockBit 3.0 ransomware operation on its Tor-based leak site in September. Numerous screenshots with the names of the folders claimed to have been stolen from the systems of Southampton County.
Both "destroy all information" and "download data at any moment" buttons were listed on the dedicated site for $90,000.
An ALPHV/BlackCat ransomware attack against major U.S. healthcare revenue and payment cycle management provider Change Healthcare has been dubbed the "most serious" cyber incident against any U.S. health organization.