BlackByte attacks City of Augusta
Incident Date:
May 21, 2023
Overview
Title
BlackByte attacks City of Augusta
Victim
City of Augusta
Attacker
Blackbyte
Location
First Reported
May 21, 2023
Augusta IT System Outage Linked to Cyberattack
The City of Augusta has confirmed that unauthorized access to its network caused a recent IT system outage. Although city officials have not confirmed the nature of the cyberattack, the BlackByte ransomware group has claimed responsibility for the incident.
According to a post on its online portal, the city started experiencing “technical difficulties” disrupting some of its computer systems on Sunday, May 21. The announcement also claims this incident is unrelated to a previous IT system outage. An investigation into the incident is underway, and the city is working to “restore full functionality to its systems as soon as possible.” However, it is unclear whether threat actors accessed or stole sensitive data.
According to the city’s announcement, “Augusta’s Information Technology Department continues to work diligently to investigate the incident, to confirm its impact on its systems, and to restore full functionality to its systems as soon as possible.”
Mayor Denies Ransom Demand
Augusta’s mayor, Garnett Johnson, denied claims that BlackByte demanded a $50 million ransom.
About Augusta
Augusta is the second-largest city in Georgia, behind Atlanta, and its metropolitan area houses over 611,000 people.
The BlackByte Ransomware Group
BlackByte is a ransomware gang that was first identified in July 2021. They operate a Ransomware-as-a-Service model and deploy double extortion techniques to coerce their victims into paying ransoms.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.