Hackers leaks Britain’s police confidential data after ransomware negotiation failed

According to a report by the Daily Mail, a Russian hacking group infected the systems of some police departments in the United Kingdom with a ransomware variant and leaked some compromised records after the affected part refused to negotiate the payment of a ransom. Operators of the Clop ransomware accessed these systems after compromising an implementation of an IT company tasked with accessing computers in the affected police departments.

Dacoll, the firm under attack, refused to pay the ransom demanded, so threat actors posted hundreds of stolen files on a hacking forum on the dark web. The company declined to disclose the amount demanded by the hackers, though it was confirmed that the exposed files include some images of traffic tickets, driver information and other details.

This company began providing electrical engineering services almost 80 years ago and has been diversifying since then. Through their subsidiary NDI Technologies, they offer critical infrastructure services for almost 90% of British police departments.

National security expert Philip Ingram said: “This is an extremely serious security breach, as it affects a company that provides services to police forces across the UK… The damage caused by this type of data breach is unfathomable.” A spokesman for the National Crime Agency confirmed that they are already aware of the situation, so they will support the affected company during the investigation of the incident.

About the hacking group responsible for the attack, experts mention that Clop was detected about two years ago and has accumulated a long list of victims in the public and private sectors. Among the most severe attacks linked to this group are infections at oil giant Shell, a couple of banks and multiple universities in the U.S.

Clop is, in terms of its methods, very similar to other ransomware groups; their attacks usually start with phishing emails sent to employees of the affected companies and, after completing the infection, hackers encrypt the compromised files and threaten to reveal the stolen data if the victims do not pay the ransom.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.