Lockbit Claims Ransomware Attack On Fulton County Georgia

Fulton County confirms ransomware attack after LockBit takes responsibility

The LockBit ransomware gang claims to be behind the recent cyberattack on Fulton County, Georgia, and is threatening to publish “confidential” documents if a ransom is not paid.

Fulton County has a population of a little over one million and it is the largest county in Georgia and the home of the state capital, Atlanta.

The hackers breached the county’s systems during the last weekend of January, causing widespread IT outages that impact phone, court, and tax systems.

Almost three weeks after the incident, the local government’s website still shows the initial alert about the system outage and directs visitors to the last update from February 5.

Fulton County shows "system outage" alert, three weeks after cyberattack
Fulton County still not recovered three weeks after LockBit ransomware attack
source: BleepingComputer

Fulton County chair Robb Pitt said on January 29 that there was no indication that hackers stole sensitive information belonging to citizens or employees but the investigation was still at an early stage.

In a press conference today, prompted by the hackers’ posting Fulton County as a victim on their website, Pitt confirmed the ransomware attack. However, there were no details about the ransomware gang responsible.

The attack impacted the phone lines, with a third of the phones now restored; the property tax system is still not online and payment processing along with other transactions is not possible right now.

Citizens continue to have problems with water billling as electronic payments are not accepted. However, residents will incur no penalties.

Pitt also said that some services are delayed in the justice system and that the email service remained unaffected.

LockBit promises “maximum publicity”

On Tuesday, the LockBit ransomware group claimed responsibility for the attack on Fulton County saying, publishing 25 screenshots to prove they had gained access to the county’s systems and that they had stolen sensitive data.

Unfortunately, the LockBit operation claims to have stolen data containing citizen’s personal data, which they will leak if a ransom is not paid.

“Documents marked as confidential will be made publicly available. We will show documents related to access to the state citizens’ personal data,” reads LockBit’s threat.

“We aim to give maximum publicity to this situation” – LockBit ransomware

The threat actor’s has set a deadline of February 16 for Fulton County before they begin to leak data.

However, the Fulton administration is looking at insurance money to recover its system, which makes it very unlikely that the hackers will get paid.


Original Source


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.