A website that monitors data breaches and ransomware attacks has reported that the New York City Bar Association was hit with a ransomware attack in December and that the attackers have posted screenshots showing the bar’s file directory, as well as passports of certain individuals.
The bar did not respond to emails I sent earlier this week asking for comment.
The report by DataBreaches.net says that the attackers used the CLOP ransomware to gain access to the bar’s files. It says that the attackers posted this message:
“The New York City Bar is example of one more institution who not take their obligation to secure client, employee and case data seriously. We download more than 1.8tb of data and now is time to have some lawsuits started and fines for neglecting their duties. Every single system was locked back in mid-December yet the organization said nothing to anyone to try and keep it all under wraps. Data size is so large we have to share over some weeks.”
The ransomware-prevention company BlackFog also reported the attack on the New York City Bar.
The attackers also posted a screenshot of a portion of the bar’s file directory, and they also posted screenshots of passports for “a number of individuals,” the site said.