Hackers release over 4,000 files stolen from Scottish environment agency in ransomware attack

Hackers release over 4,000 files stolen from Scottish environment agency in ransomware attack
SEPA was hit by ransomware attack on Christmas Eve
Corporate plans and contracts published after organisation refused to give in to ransom demand

There’s more bad news for the Scottish Environment Protection Agency (SEPA) which was hit by a ransomware attack on Christmas Eve – a serious security breach that has continued to impact its internal systems and forced its email offline.


The Conti ransomware gang has now published 4,150 files stolen from SEPA on the dark web. Corporate plans, contracts, spreadsheets, and potentially personal information about staff, can be found amongst the haul of files now available for anybody to download with no payment required.




The malicious hackers have released the files that they stole from SEPA before unleashing their file-encrypting ransomware in frustration that the agency refused to pay any money to its extortionists.


Conti, like other notable ransomware gangs, has found that exfiltrating data from its victims and threatening to either sell it to other hackers or release it to the world increases the chance of a pay day. For that reason they, and some other ransomware gangs, run websites that publicise their latest hacks and make the stolen data available – at least for those “clients” who refuse to pay up.




Past victims of Conti have included the industrial IoT firm Advantech, which received a $14 million ransom demand from its attackers, as well as coffee machine maker De’Longi and customer information firm Ixsight Technologies.


The release of SEPA’s data is not that much of a surprise. The agency’s chief executive Terry A’Hearn has made cle ..