A US county reportedly paid $1 million to Kairos, an extortion gang that claimed to have stolen more than 2 TB of data, but the county never received independently verifiable proof that the stolen files had been deleted – just the criminals’ promise.
This means the county’s stolen files may turn up for sale on a dark web forum, and the same (or another) crime crew could again demand an extortion payment to not leak the data.
It’s also a reminder that, despite the feds urging victims not to pay cybercriminals, sometimes coughing up the ransom demand seems to be the lesser of evils.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- #StopRansomware: Medusa Ransomware
March 12, 2025
Medusa is a ransomware-as-a-service (RaaS) variant first identified in June 2021. As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing. The Medusa ransomware variant is unrelated to the MedusaLocker variant and the Medusa mobile ...
- Ohio: Cleveland Municipal Court reopens after cyber attack
March 12, 2025
Cleveland Municipal Court is back open after a cyber attack forced a multi-week shutdown. Details have been limited about the incident itself, but court visitors said it’s caused a frustrating delay. Most operations have been suspended since Feb. 23 when the court discovered it was the victim of a cyber attack. Read more… Source: News 5 Cleveland Sign up ...
- India arrests man accused of running $96 billion crypto exchange at request of US
March 12, 2025
Indian authorities have arrested a Lithuanian man wanted by the US for allegedly running a $96 billion cryptocurrency exchange that allowed terrorist organizations, drug traffickers and cybercriminals to launder money. The arrest caps an intense US-led manhunt for Aleksej Besciokov, that escalated last week with the seizure of the crypto exchange, the freezing of $26 million ...
- Bank Of America Alerts Customers To Data Breach, Offers Identity Theft Protection For Affected Accounts
March 11, 2025
The Bank of America has alerted a small group of its customers about a data breach that may have exposed confidential information. The breach, which took place on December 30, was a result of improper handling of confidential documents by a third-party document destruction service provider. The breach could have potentially exposed sensitive data, including personal ...
- Hacker accessed PowerSchool’s network months before massive December breach
March 10, 2025
A hacker compromised the U.S. edtech giant PowerSchool months before its ‘massive’ data breach in December, according to a now-published forensic report into the incident conducted by U.S. cybersecurity firm CrowdStrike. In a letter sent to affected customers last week, seen by TechCrunch, PowerSchool confirmed that an investigation into the incident has revealed that its network ...
- Elon Musk’s X hit by waves of outages in what he claims is ‘a massive cyberattack’
March 10, 2025
Elon Musk’s X has been hit by three waves of outages since this morning, which the billionaire claims was due to a cyberattack. According to outage tracking site DownDetector, the problems began around 6 am ET when up to 20,538 users reported problems. The issues temporarily died down before nearly 40,000 users reported outages at 10 ...

