"Virginia County Confirms Personal Information Stolen in Ransomware Attack"

Southampton County in Virginia recently started informing individuals that their personal information might have been compromised in a ransomware attack.  The incident was identified in September when a threat actor accessed a server at Southampton and encrypted the data that was stored on it.  The county stated that it took steps to contain the attack immediately after identifying it and that it launched an investigation into the incident to determine the type of data that might have been compromised.  The county noted that the investigation revealed that personal information such as names, addresses, driver's license numbers, and Social Security numbers might have been compromised.  Southampton County also confirmed that the threat actor behind the attack has posted some of the stolen data online.  The county noted that after they recovered from this incident, a single W-2 form appeared on the dark web with the criminal claiming that they removed sensitive data from the encrypted Southampton server.  The server in question held some archived County information.  In September, the LockBit 3.0 gang boasted on their leaks site on the Tor network about the attack on Southampton County.  The ransomware gang has only made public several screenshots showing mostly the names of folders allegedly stolen from the county's systems.  However, the page dedicated to Southampton also displays a "destroy all information" button and a "download data at any moment" button, both with a price tag of $90,000.

SecurityWeek reports: "Virginia County Confirms Personal Information Stolen in Ransomware Attack"