Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

DC Police Confirms Cyberattack After Ransomware Gang Leaks Data

DC Police Confirms Cyberattack After Ransomware Gang Leaks Data

The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data.

The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital.

In a statement to BleepingComputer, the DC Police stated that they are aware of a breached server and that the FBI is investigating the matter.

“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.” – Metropolitan Police Department.

This statement comes after the Babuk Locker gang said they had compromised the DC Police’s networks and stolen 250 GB of unencrypted files.

Babuk data leak page for the Metropolitan Police Department

As part of this leak, the ransomware gang posted screenshots of various folders they allegedly stole during the attack. The folder names appear to contain a lot of files related to operations, disciplinary records, and files related to gang members and ‘crews’ operating in DC.

The ransomware gang warned on the data leak page that the MPD has 3 days to contact them or the threat actors will start contacting gangs to warn them of police informants.

Also Read: 4 Best Practices On How To Use SkillsFuture Credit

“Hello! Even an institution such as DC can be threatened, we have downloaded a sufficient amount of information from your internal networks, and we advise you to contact us as soon as possible, to prevent leakage, if no response is received within 3 days, we will start to contact gangs in order to drain the informants, we will continue to attack the state sector of the usa, fbi csa, we find 0 day before you, even larger attacks await you soon,” stated the Babuk ransomware gang on their data leak site.

One of the screenshots includes the 4/19/2021 timestamp for all the folders, which is likely when the threat actors stole the data.

Screenshot of folders containing allegedly stolen files
Redacted by BleepingComputer

The Babuk gang specifically pointed out one of the files, which based on the title, is related to arrests after the January 6th protest that stormed the Capital Building.

We were the first to report on the Babuk Locker ransomware in January when they began operating and leaking victim’s data on hacker forums.

Since then, they have slowly increased their activity as they recruit further hackers to work with them and compromise more enterprise networks.

Also Read: 3 Reasons Why You Must Take A PDPA Singapore Course

They recently made the news when cybersecurity firm Emsisoft discovered that their decryptor contained severe bugs that could destroy files while they were being decrypted.

Update 4/26/21 9:42 PM EST: Added updated statement from the Babuk ransomware gang.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us