Gareth Corfield reports:
The Clop ransomware gang pwned a managed service provider with access to the UK’s Police National Computer, dumping data on its dark web leaks site – but officials deny that police data was compromised.
Dacoll, a Scotland-based MSP, was attacked in October by the notorious criminal crew. Reports surfaced in the Mail on Sunday newspaper over the weekend that the criminals had published information from the Police National Computer on their leaks site.
The paper claimed that data was harvested through illicit access to Dacoll’s systems when the company was subject to a ransomware attack back in October.
While the Home Office acknowledges that there was a breach involving Dacoll, it denies that the threat actors obtained any data from the Police National Computer.
Did the Mail on Sunday mischaracterize the source of the stolen data or did the threat actors remove the data in hopes of turning the heat down?
Read more at The Register.
Clop has had a number of its affiliates arrested in the past year. Perhaps law enforcement actions against REvil and DarkSide have made them a bit more leery, although their initial statement on their leak site (now removed but quoted in TechMonitor) read:
“There are certain times when even we get caught by surprise when a company is lack [sic] so much brain power to follow simple instruction,” it said. “Instead of joining chat you email like sky is shaking then you decide to publish your secret chat on internet and make sure all media and their mommies join chat. Now the result of you incompetent IT and lack of brain cell result in you being famous.”
“Blustery” springs to mind. Have wiser heads prevailed, though?