A new online post by the DoppelPaymer gang further suggests that a cyberattack experienced by Torrance, California in late February-early March was a case of ransomware -- one that appears to have affected personal data, despite the Los Angeles-area city's claims otherwise.

Brett Callow, threat analyst at Emsisoft, shared several examples of sensitive data published on DoppelPaymer's doxxing site, where the threat actors post documents stolen from victims as part of an extortion scheme. Examples included a probation violation form from the Torrance City Attorney's Office; a declaration in support of access to juvenile records filed with the Superior Court of California, County of Los Angeles; and a budget import audit listing.

BleepingComputer has reported that the attackers demanded a 100 ransom -- which falls a bit short of $700,000 -- after decrypting key files and exfiltrating breached data under the threat of publishing it.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.