(Bloomberg) -- California’s finance department has been hit by a cybersecurity attack, and a notorious ransomware group is claiming responsibility.
The Russia-affiliated group dubbed LockBit claimed responsibility for the ransomware attack on the agency, and said it has given the Department of Finance until Dec. 24 to pay up or else it will publish a cache of stolen files. The hacking group claims to have stolen 76GB of data, including IT and financial documents, confidential data and “sexual proceedings in court,” according to the group’s blog.
LockBit ransomware has been deployed against at least 1,000 victims since January 2020, when it first appeared, according to the US Justice Department. LockBit members have made at least $100 million in ransom demands and extracted tens of millions of dollars in actual ransoms, according to DOJ.
During a ransomware attack, hackers encrypt a victim’s data — and often steal files beforehand — and hold them hostage until a ransom is paid, usually in cryptocurrency. Sometimes hackers leak documents to put pressure on the victims to pay.
“While we cannot comment on specifics of the ongoing investigation, we can share that no state funds have been compromised, and the department of finance is continuing its work to prepare the governor’s budget that will be released next month,” California’s cybersecurity center said in a statement.
Governor Gavin Newsom must present his budget for the next fiscal year by Jan. 10. As of midday California time, the state’s website for past and current budgets remained inaccessible. The current budget allocated $38.8 million for cybersecurity efforts.
The cybersecurity center said the attack was “proactively identified through coordination with state and federal security partners.” The agencies that comprise the center, including the Office of Emergency Services, Department of Technology, California Military Department and California Highway Patrol, have responded to identify the threat, assess its extent and “evaluate, contain and mitigate future vulnerabilities.”