WKRG reports an update to a ransomware attack on Mobile County that was previously reported in June after SuspectFile broke the story of Grief’s attack and claims.
As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the activity. Once the forensic specialists confirmed that our network was secure, we safely
restored our systems.Although our investigation is ongoing, we have determined that certain computer systems were subject to unauthorized access on May 24, 2021. Through the forensics process, we learned on July 1, 2021 that employee information was at risk.
Read more of the notice on WKRG.
As reported previously, Grief threat actors claimed to have exfiltrated 95 GB of data, and had uploaded a small portion of it as proof. On July 20, they updated their listing on the incident, and dumped even more data, noting:
The company appointed by the negotiator was not interested in resolving the situation and was stalling the time. That’s why we’re remove decryption keys and all the DATA can’t be recovered. All stolen DATA will be published step by step.