'Play' ransomware group releases 5GB of stolen data from Lowell City
Take action: Residents of Lowell are impacted - directly through unavailability of services and indirectly through abuse of their data. All impacted residents should monitor their financial accounts for any suspicious activity.
Learn More
The ransomware group known as Play, which is responsible for hacking Lowell city municipal network on April 24, has announced that it released 5 gigabytes of stolen data and made it available on the dark web. The data could appear on many resources in the dark web, and it is unknown how many people have already accessed or shared it.
Play demanded a ransom for the stolen data, and the city of Lowell has not disclosed the amount. Paying the ransom does not guarantee a successful outcome, but delaying payment increases the risk of more data being released.
The source and extent of the breach are still under investigation. The city is taking extensive measures to recover, including deep wiping and re-imaging desktops, restoring data drives, rebuilding servers from backups, and implementing stricter security measures such as restricted internet access and multifactor authentication. Regular cybersecurity training is now mandatory for all staff.
