Cybercriminals seeking to extort Washington’s Metropolitan Police Department have published extensive private dossiers of five current and former officers.
The files, each of which is around 100 pages long, are marked "Background Investigation Documents" and labeled "confidential," alongside the department’s seal. They include a vast array of personal information, as well as arrest history, housing and financial records, polygraph results and extensive details about their training and work background.
The hackers are one of several known ransomware gangs that hack an organization, then lock its files or threaten to leak them if not paid a ransom fee. Many, including the MPD's hackers, post evidence of their exploits to dedicated websites on the dark web to increase pressure on their victims to pay.
One former MPD officer, whose file was among those leaked and who requested not to be named to protect his privacy, confirmed in a phone call that the information was authentic. MPD had not yet contacted him, he said.
The leak comes as ransomware attacks continue to hit public and private organizations across the country, including schools, hospitals, companies and local government sites, costing an estimated $3.6 billion in the U.S. in 2020. President Joe Biden's administration plans to introduce a ransomware strategy that focuses on international cooperation from law enforcement, but it has yet to be announced.
The release of private information on police officers is a new wrinkle at a time when police conduct remains a topic of national discussion.
On Monday, after the hackers had initially posted some screengrabs and a list of gang suspects to their site, the MPD said in a statement that "we are aware of unauthorized access on our server," and that it had called the FBI to investigate.
Reached for comment, an MPD spokesperson didn't address the five compromised individuals, but pointed to a YouTube video of acting Chief Robert J. Contee III, posted Tuesday.
"Our partners are currently fully engaged in assessing the scope and impact," Contee said in the video. "If it is discovered that personal information of our members or others was compromised, we will follow up with additional information."
Stacey Wright, a former FBI analyst who is now vice president of cyber resiliency services at the nonprofit Cybercrime Support Network, said that by seizing the department's files and threatening to post sensitive information, the attackers put the police in a bind: either pay a ransom or risk putting officers — and, potentially, crime victims, confidential sources and other agency employees — at risk.
Police departments are particularly vulnerable to this type of attack because they do not have the option of shutting down while trying to work out a solution.
"It's a rock and a hard place," Wright said. "If they don't pay the ransom and the information is posted, there is the potential for damage. If they do pay the ransom they are giving in to the criminals."