Raleigh Housing Authority had its sensitive data stolen in an attack in May exposed by the Black Basta ransomware operation, reports The Record, a news site by cybersecurity firm Recorded Future.
Aside from exposing the Social Security cards of individuals connected to the RHA, Black Basta, which has been linked to the FIN7 cybercrime operation, also leaked financial documents, government IDs, and other information stolen from the housing authority, according to cybersecurity expert Dominic Alvieri.
Such an intrusion, which was discovered on May 4, resulted in the shutdown of RHA's online payment system and the disruption of housing application processing, which took weeks to restore.
The attack comes after the increased targeting of housing authorities across the U.S., with the LockBit ransomware operation compromising the Housing Authority of the City of Los Angeles in January and the Chattanooga Housing Authority last November. A ransomware attack also impacted the Indianapolis Housing Agency last October.
Black Basta commences leak of stolen Raleigh Housing Authority data
Raleigh Housing Authority had its sensitive data stolen in an attack in May exposed by the Black Basta ransomware operation, reports The Record, a news site by cybersecurity firm Recorded Future.
Attackers purporting to be Royal Mail distributed malicious emails about a failed package delivery with a PDF attachment that included a link redirecting to a Dropbox-hosted ZIP file, which then facilitated the execution of Prince ransomware.
Such websites, which are operated under "AI Nude" and are advanced by black hat SEO techniques, promise the conversion of uploaded photos into deepfake nudes but display a link, which when clicked redirected to another site with the password and link to the password-protected Dropbox-hosted archive that contains the infostealer malware.
Both iOS and Android devices have been targeted with attacks involving the fake app dubbed "SB-INT," which lured victims into manually trusting the Enterprise developer profile before triggering the registration process that would seek additional information from victims.