Wayne County Michigan Faces Major INTERLOCK Ransomware Breach

Incident Date: Oct 23, 2024

Attack Overview

VICTIM

Wayne County Michigan

INDUSTRY

Government

LOCATION

USA

ATTACKER

Interlock

FIRST REPORTED

October 23, 2024

Request Removal

Wayne County, Michigan, Hit by INTERLOCK Ransomware Attack

Wayne County, Michigan, a key governmental hub, has fallen victim to a significant ransomware attack orchestrated by the newly emerged INTERLOCK group. This attack has disrupted essential services and exposed vulnerabilities within the county's digital infrastructure.

Victim Profile: Wayne County, Michigan

Wayne County is a prominent region in Michigan, encompassing Detroit and serving as a vital center for government operations. The county employs between 1,001 and 5,000 individuals across various departments, including public health, safety, and economic development. Its strategic location near Detroit enhances its appeal for businesses, providing access to transportation networks and a large consumer market. However, this prominence also makes it a target for cybercriminals seeking to exploit its extensive digital infrastructure.

Attack Overview

The INTERLOCK ransomware group claims to have exfiltrated 7.7 TB of sensitive data from Wayne County, including 130 SQL databases, confidential criminal investigation files, and personal data of residents. The attack, which occurred on October 3, has severely disrupted county services, affecting critical systems at the Wayne County Sheriff’s Office, the Treasurer’s Office, and the Register of Deeds Office. Operations such as inmate bonding, online tax payments, and real estate records processing have been halted. The exact ransom demand remains undisclosed, but the county's IT team, in collaboration with the FBI and Michigan State Police, is actively investigating the breach.

INTERLOCK Ransomware Group

INTERLOCK is a newly identified ransomware group employing a double-extortion strategy. After infiltrating a victim’s network, the group encrypts key files and exfiltrates data, threatening to leak it if their demands are not met within a 96-hour deadline. This approach amplifies financial and reputational risks for victims. The group distinguishes itself by issuing stern warnings against file alterations or system reboots, which could cause irreversible damage. The exact method of penetration into Wayne County's systems remains under investigation, but it highlights the vulnerabilities in governmental digital infrastructures.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.