Hackers Leak Sensitive Data in Cobb County Ransomware Attack
COBB COUNTY, Ga. — A cybersecurity breach in Cobb County has escalated after hackers released sensitive data stolen during a ransomware attack in March. According to a Georgia-based cybersecurity expert, the attackers are now demanding a ransom, giving the county until Friday to pay up.
Initially, Cobb County officials downplayed the incident, describing it as having a limited effect on services. However, in a new statement released Friday, officials confirmed that the attackers issued a ransom demand—which the county has refused to meet.
“Upon discovering the intrusion, we immediately followed established protocols, took our systems offline, and restored operations shortly thereafter,” the statement read. “A third party issued a ransom demand, which we declined. We refuse to support or enable criminal enterprises, even when faced with difficult choices. While we understand this may offer limited comfort to those affected, standing firm sends a clear message: bad actors will not profit from this crime.”
Rick Hudson of Critical Path Security says the hackers have released confidential materials on the dark web, including information related to public services and personal data of Cobb County residents.
“They’ve published autopsy photos, Social Security numbers, driver’s license pictures, next of kin contact details, and other sensitive personal data commonly targeted in breaches,” Hudson reported.
The group behind the attack is believed to be associated with Qilin, a Russian-speaking cybercriminal organization.
Initially, the county claimed the breach had only a limited impact, disrupting email services and affecting a small number of individuals. But with the leaked data now publicly accessible, concerns are growing.
Cobb County officials say the investigation is ongoing. “We will continue to notify any additional affected individuals as necessary. If we determine that specific personal information is at risk, Cobb County will provide those individuals with credit monitoring and identity theft protection.”
Hudson notes that Qilin is demanding at least $1 million and warns that the group has a history of asking for additional payments even after an initial ransom is paid.