Kentucky's Jefferson County Clerk's office had its employee files, election administration details, and Social Security numbers compromised following a July ransomware attack claimed by the RansomHub operation earlier this week, according to StateScoop.
Included in the 47 GB data exfiltrated from the county clerk's office's systems were financial documents, customer contracts, alarm system information, budget details, ballot information, and voter records as early as 2008, claimed RansomHub, which also threatened to expose all the stolen data should the county fail to pay the demanded ransom by Saturday. Further examination of the files already leaked by RansomHub also revealed the inclusion of files showing election equipment leveraged for in-person voting. However, the extensive election administration data leak was noted by an unnamed Cyble Research and Intelligence Lab researcher to be the most significant information for threat actors. "The data [could] potentially be used for phishing as well as disseminate disinformation, misinformation to cause confusion and panic amongst the voters," said the researcher.
