The ransomware group has released 10GB of sample data from the cyberattack on the US city of Augusta and claimed they have a lot more data available. Credit: Thinkstock BlackByte group has claimed responsibility for a ransomware attack on Augusta, Georgia. The ransomware group has posted 10GB of sample data for free and claimed they have a lot more data available. “We have lots of sensitive data. Many people would like to see that as well as the media. You were given time to connect us but it seems like you are sleepy,” according to the screenshot shared by security researcher Brett Callow, who is also a threat analyst at Emsisoft. “We will help you to wake up. Here is a leak of 10GB of your data and very soon there will be much more free to everyone. The clock is ticking,” the ransomware group said. In another post on a hacker forum, the group claimed that it has additional data that they want to sell. Augusta is a city in Georgia, near the South Carolina border, with a population of over 200,000 as of 2021. The city of Augusta has acknowledged that it began experiencing technical difficulties on May 21 and that it resulted due to unauthorized access to its system. Leaked data includes PIIWhen the sample 10GB data was analyzed, it was found that it contained payroll information, and data including contact details, personally identifiable information (PII), physical addresses, contacts, and city budget allocation data, according to BleepingComputer, which said it inspected leaked documents related to the attack. The origin and authenticity of the leaked data could not be verified. BlackByte is a Russia-based ransomware-as-a-service gang that began targeting corporate victims worldwide in July 2021. The group is known to leverage double extortion to force their victims into payment. The FBI and the US Secret Service have earlier released a joint advisory cautioning against BlackByte.The demanded ransom for deleting the stolen information is $400,000. BlackByte has also offered to resell the data to interested third parties for $300,000, according to the BleepingComputer report. Investigation underway by city administrationAugusta’s mayor has refuted claims about the ransom demand. “Recent media reports regarding Augusta, Georgia being held hostage for $50 million in a ransomware attack are incorrect,” the office of the mayor said in a statement on May 25. Augusta’s Information Technology Department is investigating the incident, to confirm its impact on the systems, and to restore full functionality as soon as possible. “We continue to investigate what, if any, sensitive data may have been impacted or accessed,” the statement said. “At this time, we have not confirmed that any sensitive data was compromised, but we will update you as more information becomes available,” the city said in a statement released on May 24. A request for comment to the mayor’s office did not elicit a response at the time of writing. Several cities are facing cyberattacksSeveral cities have fallen prey to ransomware attacks this year. The city of Oakland, California, announced on February 10 that it had been hit by a ransomware attack that knocked many of its systems offline.Four days later, Oakland declared a state of emergency as it grappled with the wideranging impact of the incident, which left city phone systems and multiple non-emergency services inoperable, including its 311 phone system. Russia-backed Play ransomware group, which security researchers have linked to the Hive gang, took responsibility for the attack and began releasing data stolen during the incident. In recent years various US cities including Baltimore, New Orleans, Pensacola, Atlanta, and New Orleans have also suffered cybersecurity incidents. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe