IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Hackers Remove Threat to Post Stolen Fulton County Data

The countdown clock on a website containing screenshots of information stolen from Fulton County, Ga., servers two weeks ago hit zero on Friday, and then mysteriously disappeared.

Timer
Shutterstock
(TNS) — The countdown clock on a website containing screenshots of information stolen from Fulton County servers two weeks ago hit zero at 12:47 a.m. Friday, and then disappeared.

On a list of nearly 1,000 government and corporate victims of the LockBit hacking group, the status of the Fulton County data release was “published” but no download link appeared.

By 1:15 a.m., the Fulton County data post had vanished from the site.

It’s unclear if a ransom was paid or if the hacking group was updating the site with the stolen data. The county first announced a breach of its servers on January 29.

Earlier this week, the group posted two dozen screenshots of seemingly legitimate county documents as well as information about servers maintained by the county. On the same page, in bold red type, was a deadline: “16 Feb, 2024 05:47:29 UTC” — or 12:47 a.m. Eastern time on Friday.

In their initial post claiming responsibility for the hack, the group wrote that the data would “reveal lists of individuals responsible for confidentiality” and “show documents related to access to the state citizens’ personal data.”

On Wednesday, County Commission Chairman Rob Pitts said that personal information may have been compromised in the ransomware attack.

The website, accessible only through a browser capable of decrypting content on the dark web, lists nearly 1,000 other governments, companies and websites that are alleged victims of LockBit’s ransomware attacks.

The website also provides visitors with information on how to contact the hackers, as well as a link with instructions on how to purchase Bitcoin. No ransom amount was listed for the Fulton County data, but at least one company’s data is available for purchase or deletion for $800,000.

State and federal law enforcement agencies are involved in the investigation, and county officials have cited that process in limiting details released about the cyberattack that took took down many county systems the weekend of Jan. 27.

All county offices have reopened but many continue to use work-arounds to compensate for computer systems that are still down. The attack took down the county’s phone system, which runs over the internet; the internal financial system; online court and law enforcement systems; tax offices; and public-use computers at libraries, among other things.

About one-third of county phone lines are working again, and most services are available — though often only in person, since many online functions remain down.

Atlanta Journal-Constitution reporter Rahul Deshpande contributed to this report.

©2024 The Atlanta Journal-Constitution. Visit at ajc.com. Distributed by Tribune Content Agency, LLC.