BlackCat ransomware group claims attack on Florida court system
Following a cyberattack on Florida’s First Judicial Circuit Court system last week, the ransomware group BlackCat has claimed responsibility for the incident, adding that it accessed personal data like Social Security numbers and CVs of judges and court employees.
As reported by Bleeping Computer, the BlackCat ransomware group, also known as ALPHV, claimed responsibility for the attack on the Northwest Florida courts system. Along with personal data, the group claims it accessed a comprehensive network map of the court’s systems with local and remote service credentials. A screenshot of the leak page shared by Bleeping Computer shows the group claiming to have two terabytes’ worth of files from the attack.
According to an announcement from First Judicial Circuit court system, certain applications used by the courts were affected in the attack, but records of the court clerks and its data were not.
“We responded quickly, shut down our systems to mitigate risk to sensitive information, and began a thorough investigation of the attack, including coordinating with law enforcement agencies and external cybersecurity experts,” the court system’s announcement read.
However, the announcement said operations across the Floridian circuit courts in Escambia, Okaloosa, Santa Rosa and Walton counties will be affected for an extended period. Nonessential court proceedings and operations have been paused since Oct. 2, and there has not been an update from the system on when it expects to resume normal operations.
“The security of personal data is our priority. We will continue to provide the citizens of our Circuit with the timely resolution of the matters brought before our courts,” Chief Judge John L. Miller stated in the announcement.
Last year, the BlackCat group published a trove of files stolen from Events D.C., the sports and convention authority in Washington, D.C. Like the attack on the Florida courts system, the leaked files from Events D.C. also contained personnel and operations information and were made public after the authority reportedly refused to pay the ransom.