cyber Ransomware

SOUTHAMPTON, COUNTY

Nov 28, 2022 1 min read
SOUTHAMPTON, COUNTY

Southampton County in Virginia suffered a ransomware attack after its systems were encrypted by a cyber-criminal.

The attack compromised the types of information including name, social security number, driver’s license number, and/or address.

However, after Southampton recovered from this incident, a single W-2 form appeared on the dark web with the criminal claiming that they removed sensitive data from the encrypted Southampton server.

LockBit 3.0, added this attack to their listing to their leak site with screencaps showing directory folders as well as some specific payroll-related info on county employees.

Source: https://www.databreaches.net/southampton-county-virginia-reports-ransomware-incident/

TPRM report: https://www.rankiteo.com/company/southampton-county-of

"id": "sou2342281122",
"linkid": "southampton-county-of",
"type": "Ransomware",
"date": "09/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"
{'affected_entities': [{'industry': 'Public Administration',
                        'location': 'Virginia, USA',
                        'name': 'Southampton County',
                        'type': 'Government'}],
 'data_breach': {'data_encryption': True,
                 'data_exfiltration': True,
                 'file_types_exposed': ['W-2 form'],
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['name',
                                              'social security number',
                                              'driver’s license number',
                                              'address']},
 'description': 'Southampton County in Virginia suffered a ransomware attack '
                'after its systems were encrypted by a cyber-criminal. The '
                'attack compromised information including name, social '
                'security number, driver’s license number, and/or address. '
                'After recovery, a single W-2 form appeared on the dark web '
                'with the criminal claiming that they removed sensitive data '
                'from the encrypted Southampton server. LockBit 3.0 added this '
                'attack to their listing on their leak site with screencaps '
                'showing directory folders as well as some specific '
                'payroll-related info on county employees.',
 'impact': {'data_compromised': ['name',
                                 'social security number',
                                 'driver’s license number',
                                 'address']},
 'motivation': 'Financial',
 'ransomware': {'data_encryption': True,
                'data_exfiltration': True,
                'ransomware_strain': 'LockBit 3.0'},
 'threat_actor': 'LockBit 3.0',
 'title': 'Ransomware Attack on Southampton County, Virginia',
 'type': 'Ransomware'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Cyber Attack cyber

Citrix

public 1 min read
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.