California Probes Cyberattack Against State’s Finance Department

The Russia-affiliated ransomware group known as LockBit claims responsibility.

Bloomberg News

December 12, 2022

2 Min Read
California Probes Cyberattack Against State’s Finance Department
Bloomberg

(Bloomberg) -- California’s finance department has been hit by a cybersecurity attack, and a notorious ransomware group is claiming responsibility.

The Russia-affiliated group dubbed LockBit claimed responsibility for the ransomware attack on the agency, and said it has given the Department of Finance until Dec. 24 to pay up or else it will publish a cache of stolen files. The hacking group claims to have stolen 76GB of data, including IT and financial documents, confidential data and “sexual proceedings in court,” according to the group’s blog.

LockBit ransomware has been deployed against at least 1,000 victims since January 2020, when it first appeared, according to the US Justice Department. LockBit members have made at least $100 million in ransom demands and extracted tens of millions of dollars in actual ransoms, according to DOJ.

During a ransomware attack, hackers encrypt a victim’s data — and often steal files beforehand — and hold them hostage until a ransom is paid, usually in cryptocurrency. Sometimes hackers leak documents to put pressure on the victims to pay.

“While we cannot comment on specifics of the ongoing investigation, we can share that no state funds have been compromised, and the department of finance is continuing its work to prepare the governor’s budget that will be released next month,” California’s cybersecurity center said in a statement.

Related:Ransomware Security for IT Pros: 2022 Report

Governor Gavin Newsom must present his budget for the next fiscal year by Jan. 10. As of midday California time, the state’s website for past and current budgets remained inaccessible. The current budget allocated $38.8 million for cybersecurity efforts.

The cybersecurity center said the attack was “proactively identified through coordination with state and federal security partners.” The agencies that comprise the center, including the Office of Emergency Services, Department of Technology, California Military Department and California Highway Patrol, have responded to identify the threat, assess its extent and “evaluate, contain and mitigate future vulnerabilities.”

About the Author

Bloomberg News

The latest technology news from Bloomberg.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like