Small but Significant: Ransomware Attack on New York's Legislative Bill Drafting Commission

Incident Date:

April 26, 2024

World map

Overview

Title

Small but Significant: Ransomware Attack on New York's Legislative Bill Drafting Commission

Victim

Legislative Bill Drafting Commission

Attacker

Play

Location

Albany, USA

New York, USA

First Reported

April 26, 2024

Ransomware Attack on New York's Legislative Bill Drafting Commission by Play Group

Overview of the Attack

The Legislative Bill Drafting Commission (LBDC) of New York, a key entity in the legislative process, was recently targeted by a ransomware attack attributed to the Play ransomware group. The group claimed responsibility for infiltrating the LBDC's systems and exfiltrating sensitive data.

The attack involved the deployment of ransomware, leading to the encryption of critical data and systemsThe stolen data reportedly includes a wide array of sensitive information ranging from client documents and payroll details to contracts and financial records.

Profile of the Victim: Legislative Bill Drafting Commission

The LBDC, located in Albany, New York, is instrumental in drafting legislation for the state. With fewer than 25 employees and an annual revenue of less than $5 million, the commission plays a crucial role in the legislative framework, making it a significant target for cybercriminals looking to disrupt governmental operations.

Vulnerabilities and Target Attractiveness

The victim's small size and the critical nature of its operations make it an attractive target for ransomware groups like Play. The commission's involvement in handling sensitive legislative documents and data can provide high leverage for cybercriminals seeking ransom payments.

Sources

```

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.