As reported previously on this site, Hall County, Georgia had revealed a ransomware attack on October 7, but until now, we didn’t know who attacked them.
Now the threat actors known as DoppelPaymer have added Hall County to their dedicated leak site.
In their updates, the county had reported:
At this time, there is no evidence to show that citizen or employee data has been compromised. However, citizens and employees are encouraged to take precautionary measures to monitor and protect their personal information.
They have not revised that statement (their most recent update was on October 8), and so far, the proof DoppelPaymer has provided does not contradict their statement. If the threat actors did get personal information of citizens or employees, it is not reflected in the three pdf files the attackers uploaded as proof as “example files.” Those documents have to do with county planning and review of projects and would probably all be obtainable under public records laws.
I guess we will have to wait to see if the threat actors dump any other data.
Thanks to Dave Phelps, who alerted me to this addition to DoppelPaymer’s site.