The DoppelPaymer ransomware group targeted the Illinois Office of the Attorney General.
The gang released some part of files stolen in attack from the Illinois Office on the dark web after the negotiation over ransom failed.
The leaked files include public information from court cases as well as some private documents.
Source: https://threatpost.com/doppelpaymer-leaks-illinois-ag/165694/
TPRM report: https://scoringcyber.rankiteo.com/company/illinois-attorney-general%27s-office
"id": "ill20587322",
"linkid": "illinois-attorney-general%27s-office",
"type": "Ransomware",
"date": "04/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Government',
'location': 'Illinois, USA',
'name': 'Illinois Office of the Attorney General',
'type': 'Government Office'}],
'data_breach': {'data_exfiltration': True,
'type_of_data_compromised': 'Public information from court '
'cases, private documents'},
'description': 'The DoppelPaymer ransomware group targeted the Illinois '
'Office of the Attorney General. The gang released some part '
'of files stolen in attack from the Illinois Office on the '
'dark web after the negotiation over ransom failed. The leaked '
'files include public information from court cases as well as '
'some private documents.',
'impact': {'data_compromised': 'Public information from court cases, private '
'documents'},
'initial_access_broker': {'data_sold_on_dark_web': True},
'motivation': 'Financial Gain',
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'DoppelPaymer'},
'threat_actor': 'DoppelPaymer Ransomware Group',
'title': 'DoppelPaymer Ransomware Attack on Illinois Office of the Attorney '
'General',
'type': 'Ransomware Attack'}