Metro Vancouver Transit Police files hacked during raid linked to racketeering gang

Metro Vancouver Transit Police say the agency was targeted by hackers who accessed nearly 200 of its files as part of a global wave of attacks that US officials blamed on a Russian cyber-extortion gang.

Police say in a press release that a thorough investigation is underway to determine what information was contained in the 186 files used in the attack against a third-party file transfer system called MOVEit.

It says that the hackers were unable to access the Transit Police network and that the vulnerability in the software has been patched and repaired.

The agency says the incident is not expected to affect investigations or prosecutions.

It says an investigation is being conducted by the RCMP’s Montreal and Vancouver cybercrime investigation teams.

MOVEit, widely used by businesses and government agencies to share files, was recently hit by an extortion syndicate that last week gave its victims a deadline to negotiate a ransom or risk sensitive data being dumped online.

The Cl0p gang, one of the world’s most prolific cybercrime syndicates, also claimed it would delete all data stolen from governments, cities and police departments.

Other known victims include the Nova Scotia provincial government, Louisiana’s Office of Motor Vehicles, Oregon’s Department of Transportation, British Airways, the British Broadcasting Company, and British drugstore chain Boots.

The parent company of the American maker of MOVIEit, Progress Software, warned customers about the breach on May 31 and released a patch. But cybersecurity researchers say dozens, if not hundreds, of companies could have quietly had sensitive data stolen by then.

Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, told reporters last week that the Cl0p campaign was short, relatively shallow, and quickly caught up.

A senior intelligence official said the US has “no evidence of coordination between Cl0p and the Russian government”.