RansomvedVC ransomware group announced that they breached the Voter registration office in Washington, D.C. They wrote that they had gotten over 600,000 lines of USA voters from the alleged District of Columbia Board of Elections cyberattack. The DCBOE cyberattack has not been confirmed by the officials so far.
However, the website of the District of Columbia Board of Elections (DCBOE) displayed a message on the homepage saying that it was under maintenance. This could be due to a possible cyberattack on the DCBOE portal.
No other pages on the portal were accessible post the alleged DCBOE data breach.
What RansomedVC Wrote About DCBOE Cyberattack
Threat Intelligence platform Falcon Feeds tweeted the below screenshot from the dark web portal of RansomedVC group.
Hackers posted, “We have successfully breached the District of Columbia Board of Elections and have gotten more than 600k lines of USA voters…” in the DCBOE cyberattack announcement.
They posted a link to download samples of data exfiltrated during the DCBOE cyberattack. According to researchers, the RansomedVC group started off as an underground forum to trade on stolen data from cyberattacks.
If the DCBOE data breach claims are true, it is possible that hackers from the RansomedVC group did not infiltrate the system of DCBOE and are only releasing the data. This is also why Falcon Feeds noted in its tweet that the authenticity of the hacker’s claim could not be verified.
Recently, a user on a hacker forum pointed out that RansomedVC was making fraudulent claims of possessing data breached from Sony. Although Sony Interactive Entertainment did confirm that it suffered a data breach, it is not clear whether RansomedVC had a hand in it. The SIE data breach was attributed to the MOVEit vulnerability exploitation by the Clop ransomware group.
Despite the claims of the DCBOE cyberattack, the homepage of the portal had relevant details about voting and helpful links accessible to users.
The Cyber Express emailed the respective officials to comment on the DCBOE ransomware attack claims. We will update this report after receiving a reply.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.