Cyber Weekly Digest - Week #18

Updated: May 7, 2021

This week’s digest covers stories from around the world, including threat actors warning they will expose Washington DC Police informants and a ransomware attack on the court system of the Brazilian state of Rio Grande do Sul. Keep reading to find out about the latest cyber security stories.

1. The Washington DC Police confirm they have been hit by a cyber attack.

The Washington DC Police released a statement after the Babuk Locker gang claimed they had compromised DC Police’s networks and were able to steal 250GB of unencrypted files. The ransomware gang released screenshots of the allegedly stolen files; one of the files relates to the arrests following the January 6th protest, in which the Capitol Building was stormed. The gang has warned that DC Police have three days to contact them, or they will start contacting gangs to warn them of police informants. The Babuk ransomware gang briefly posted a short message this week about their intention to quit the extortion business after achieving their goal.

2. Credit scores of almost all Americans were exposed through an API tool used by the Experian credit bureau.

A researcher has found that the credit scores of Americans are exposed due to an API tool used by the Experian credit bureau, left open on a lender site without security protection. The researcher found that he could access the credit scores with publicly available information such as name and date of birth. He was also able to build a command-line tool that let him automate lookups, even after entering all zeros in the fields for date of birth. Experian said it fixed the unprotected endpoint instance, but some researchers are concerned that other exposed Experian APIs might be out there, sitting unprotected.

3. Brazil’s court system for Rio Grande do Sul was hit with a REvil ransomware attack.

The court system for the Brazilian state of Rio Grande do Sul suffered a ransomware attack this week. On Wednesday morning, employees suddenly found that all their documents and images were no longer accessible, and ransom notes had appeared on their Windows desktops. The REvil group is responsible and has demanded a $5,000,000 ransom to decrypt files and not leak data.