Breach cyber

Drug Enforcement Agency (DEA)

Jun 5, 2025 1 min read
Drug Enforcement Agency (DEA)

Two members of a cybercriminal group named ViLE were sentenced for hacking into a federal law enforcement web portal, stealing personal information, and using it to extort victims. They gained access to a DEA online portal with information from 16 federal law enforcement databases and used stolen data such as social security numbers to threaten victims into paying to avoid having their information leaked online. The defendants were sentenced to 27 and 25 months in prison for aggravated identity theft and conspiracy to commit computer intrusion.

Source: https://www.bleepingcomputer.com/news/security/vile-gang-members-sentenced-for-breaching-law-enforcement-portal/

TPRM report: https://scoringcyber.rankiteo.com/company/medway-drug-enforcement-agency

"id": "med350060525",
"linkid": "medway-drug-enforcement-agency",
"type": "Breach",
"date": "6/2025",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Law Enforcement',
                        'location': 'United States',
                        'name': 'U.S. Drug Enforcement Agency (DEA)',
                        'type': 'Government Agency'}],
 'attack_vector': 'Phishing, Impersonation, Bribery, Fraudulent Legal Requests',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Social Security Numbers',
                                              "Driver's License Numbers",
                                              'Home Addresses',
                                              'Personal Details']},
 'date_detected': '2022-05-07',
 'description': 'Two members of the cybercriminal group ViLE were sentenced '
                'for hacking into a federal law enforcement web portal and '
                'engaging in an extortion scheme.',
 'impact': {'data_compromised': ['Social Security Numbers',
                                 "Driver's License Numbers",
                                 'Home Addresses',
                                 'Personal Details'],
            'systems_affected': 'Federal Law Enforcement Online Portal'},
 'initial_access_broker': {'entry_point': 'Stolen Credentials'},
 'investigation_status': 'Ongoing',
 'motivation': 'Extortion, Financial Gain',
 'post_incident_analysis': {'root_causes': 'Stolen Credentials, Impersonation, '
                                           'Bribery, Fraudulent Legal '
                                           'Requests'},
 'references': [{'source': 'U.S. Department of Justice (DOJ)'},
                {'source': 'Brian Krebs'}],
 'regulatory_compliance': {'legal_actions': ['Aggravated Identity Theft',
                                             'Conspiracy to Commit Computer '
                                             'Intrusion']},
 'response': {'law_enforcement_notified': True},
 'threat_actor': ['Sagar Steven Singh (Weep)',
                  'Nicholas Ceraolo (Convict, Anon, Ominous)'],
 'title': 'ViLE Cybercriminal Group Sentenced for Hacking Federal Law '
          'Enforcement Portal',
 'type': 'Data Breach, Extortion',
 'vulnerability_exploited': 'Stolen Credentials'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Helsinki

public 1 min read
A data breach affecting Helsinki, Finland’s capital and largest employer, exposed sensitive personal data of over 300,000 people.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.