The Conti ransomware gang has published files stolen from the Scottish Environment Protection Agency (Sepa) in an attack on Christmas Eve. The agency continues to resist its demands to pay.
The attack saw the theft of 1.2GB of data contained in about 4,000 files. The material in question includes business information, including regulated site permits, authorizations, enforcement notices, corporate planning and change programs; procurement information such as publicly available procurement awards; project information relating to Sepa’s commercial work; and personal information on its staff.
The agency’s chief executive, Terry A’Hearn, said: “Supported by the Scottish Government, Police Scotland and the National Cyber Security Centre [NCSC], we continue to respond to what remains a powerful and sophisticated cyber-attack and a serious crime against Sepa. We’ve been clear that we won’t use public finance to pay serious and organized criminals intent
on disrupting public services and extorting public funds. We have made our legal obligations and duty of care on the sensitive handling of data a high priority. Following Police Scotland’s advice, we are confirming that the data stolen has been illegally published online. We’re working quickly with multi-agency partners to recover and analyze data, then, as identifications are confirmed, contact and support affected organizations and individuals.”