DoppelPaymer Ransomware Gang Leaks Data Stolen From Georgia County Hack

In early October, the Georgia Hall County voting system suffered a cyber-attack causing their online systems to shut down. Recently, the DoppelPaymer ransomware gang has claimed responsibility for the attack by publishing online the data stolen from Georgia Hall County hack.

Georgia Hall County Hack

Recently, some media reports disclosed a cyberattack on Hall County, Georgia, voting systems. This was deemed the first cyberattack of the US Elections 2020 season.

As reported, the attack happened on October 7, 2020, and disrupted the County’s online services, including phone services.

While, at that time, Hall County confirmed that the incident did not affect any employee or citizen’s data. However, media sources confirmed that the incident did impact critical systems including the voter signature database.

In a recent update on their website, Hall County has shared details about the service restoration process following the attack.

Restored services include, but are not limited to, phone, email, financial services, tax commissioner’s office, tax assessor’s office, landfill, and court system…
Currently, additional applications and software systems are being restored to more efficiently serve the citizens of Hall County.

They reiterated that the incident did not impact the voting process.

However, they have refused to share any specifics of the ransomware attack for security.

DoppelPaymer Ransomware Gang Leaked Data

While Hall County may not share more details of the incident, the attackers do not seem hesitant.

It’s now evident that the DoppelPaymer ransomware gang had targeted Georgia Hall County as they published the stolen data online.

The Wall Street Journal has reported that the attackers dumped the data online after Hall County failed to pay the ransom in time.

Also, Bleeping Computer has confirmed that the attackers have published 1GB of unencrypted hacked data. This includes voters’ details and other sensitive information.

The election documents reviewed by BleepingComputer contain ballot proofs, poll worker lists, administrative documents, accounting, and financial records, and city bulletins. Also included are voter registration records containing resident’s voter registration ID, full name, address, and assigned ballot, which is, for the most part, public information.
BleepingComputer has been told that at least one document contained a voter’s social security number.

Also, they have claimed to have encrypted 2464 devices during the attack.

Though, most part of this data includes public information. Yet, this kind of data leak conflicts with the earlier claims by Hall County that assured no loss of data. Also, details, such as Social Security Numbers are part of private information.

Hall County hasn’t released any comment in this regard.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients