"An Alabama city is paying over a quarter of a million dollars to cyber-criminals to recover data encrypted in a ransomware attack.
Florence became a victim of the DoppelPaymer ransomware gang on June 5 in an attack that shut down the city's email system. The gang demanded 38 bitcoin, equivalent to USD $378,000, and threatened to publish or sell data stolen from Florence if the city didn't pay up.
A security firm hired by Florence in the wake of the attack was able to negotiate the ransom down to 30 bitcoin, worth around $291,000.
City mayor Steve Holt said that Florence had elected to pay the ransom despite not knowing for certain what data the cyber-criminals had stolen and encrypted.
“Do they have our stuff? We don’t know, but that’s the roll of the dice,” Holt said.
The mayor theorized that attackers gained access to the city's computer system via a phishing attack.
Holt told KrebsOnSecurity that the DoppelPaymer gang appeared to have compromised the networks of four further victims within an hour of striking Florence, including another municipality that he declined to name."