Leicester City Council finally admits its "cyber incident" was carried out by a ransomware gang and data was stolen, hours after the criminals forced it.
The Ransomware Gang Lifecycle
The attack began nearly a month ago on March 7, and since then the English city council has consistently refused to say whether ransomware was involved or whether data was compromised.
That all changed yesterday when INC Ransom, which mentioned the council attack earlier this week and hinted at its role in the incident, leaked a cache of documents that appeared to be taken from council servers.
"We have downloaded approximately 3TB of private information," the gang's website claims, along with what it calls an "evidence package" — a 32-file extract of the data it claims to have stolen.