A city in California, Victorville, issued a warning to its residents about a data breach resulting from a ransomware attack that compromised government systems for over a month. The breach notification letters disclosed that hackers had unauthorized access to the city’s systems from August 12 to September 26.
Furthermore, the accessed files contained residents’ names and sensitive information, including Social Security numbers, driver’s license details, medical records, and health insurance policy numbers. To support the victims, the city is offering one year of identity protection services. Despite restoring phone and website services on October 3, web-based systems remain non-functional.
Notably, the NoEscape ransomware gang claimed responsibility for the attack and announced that they had stolen approximately 200GB of data from Victorville’s government systems. This incident is part of a concerning trend of ransomware attacks targeting cities across California, with other locations such as Oakland, San Francisco, El Cerrito, Modesto, and Hayward experiencing devastating attacks that disrupted government services for extended periods, causing various issues for local residents. Victorville is situated in San Bernardino County, which had previously dealt with its own ransomware attack in April.
The NoEscape ransomware gang, which emerged in May, has been involved in a series of high-profile attacks on notable institutions. In a recent attack, they targeted the organization responsible for managing lake and river systems along the U.S.-Canada border. The group has also claimed responsibility for attacks on entities like Germany’s bar association, Hawaiʻi Community College, Australian companies, a Belgian hospital, and various manufacturing companies in the United States and the Netherlands. This incident highlights the growing threat of ransomware attacks to municipalities and organizations worldwide.