Newsday reports that Suffolk County, New York, has been warned about a "possible ransomware event" in June, or nearly three months before being compromised on Sept. 8.
No ransomware attack has been going on and no malicious activity has been detected by the county's IT systems during the time the tip was sent, said Suffolk Information Technology Coordinator Brian Bartholomew in an email thread at a time.
Nearly 4TB of data has been stolen as a result of the attack and Suffolk County has already incurred $140 million in payments to vendors since the intrusion.
"There is still an ongoing forensic assessment to determine exactly when and how the threat actors accessed county systems. Our team of cybersecurity experts are working to piece together these details, while we continue with our safe and secure rolling restoration," said Suffolk County spokesperson Nicole Russo.
Meanwhile, TechWorks CEO Chris Coluccio noted that Suffolk's systems may have been compromised days or weeks prior to the attack. "There should have been systems in place that would have caught that," he added.
NY county warned of potential ransomware attack prior to incident
Newsday reports that Suffolk County, New York, has been warned about a "possible ransomware event" in June, or nearly three months before being compromised on September 8.
The U.S. Department of Justice announced that Ukrainian national Mark Sokolovsky, also known as raccoon-stealer, black21jack77777, and Photix, has admitted guilt in operating the Raccoon Infostealer malware-as-a-service operation.
Attacks part of the scheme — which were noted by Swiss authorities to have exceeded 260 between August 2023 and April 2024 — involved the suspects leveraging QR codes that redirected to payment platform-spoofing websites.
Information purportedly stolen by Meow ransomware included client and employee data, scanned payment files, personal details, addresses, banking details, certificates, and criminal records.