Modesto hit by apparent Snatch ransomware attack

Photo credit Getty Images

A ransomware group is apparently taking responsibility for a cyber attack on the city of Modesto, California that impacted the police department and compromised residents' personal information in February.

On Monday, Modesto was added to the "victims list" of a ransomware group known as Snatch, according to ThreatMon Ransomware Monitoring, a cyber threat intelligence platform.

Another threat monitor, Falcon Feedsio, pointed out that no sample data is currently available, so the threat's authenticity cannot yet be confirmed.

Earlier this month, the city confirmed that it was the victim of a data breach that began in February and targeted the Modesto Police Department. According to KCRA, a "limited amount" of personal information of some people was compromised in the attack -- including social security numbers, phone numbers and driver's license information.

It's not clear how many people were impacted by the data breach or if they were city employees, but City Spokesperson Andrew Gonzales told KCRA that the attack was limited to the police department and no other residents or members of the public were threatened.

The attack forced the police department to disconnect its digital network and temporarily revert to old fashioned policing with handheld radios, pens and paper, according to reports. The department has since returned to normal operations.

The city has launched an investigation into the attack and is working with cybersecurity experts and law enforcement agencies to identify the group responsible for the breach.

Individuals whose data may have been compromised were notified by mail and offered free credit monitoring and identity theft protection services, according to reports.

As for why the city waited nearly a month to confirm the attack, Gonzales told The Modesto Bee that officials had to "maintain the integrity of the investigation."

Featured Image Photo Credit: Getty Images