logo

U.S. Government Agency Paid $1M to Data Extortion Group Kairos

ID: adbd5953-dafa-52c7-8adf-bccf38ce8289

STIX ID: report--adbd5953-dafa-52c7-8adf-bccf38ce8289

Feed Name: Security Affairs

Threat Score
75/100

Date Published: 2026-07-04

Date Updated: 2026-07-04

Author: Pierluigi Paganini

...
...

A Ransom-ISAC case study describes how the Kairos extortion group stole ~2 TB (1,602,775 files) from a U.S. government entity and pressured the victim with publication threats and deadlines, resulting in a ~9.44 BTC (~$1M) payment on June 13, 2025. The report notes no confirmed ransomware encryptor or locker binary—this was data-only extortion—covers the 28-day negotiation transcript, the victim impact (notification of ~45,487 residents/employees and exposure of sensitive PII), and blockchain tracing of funds to multiple exchange touchpoints; it emphasizes that deletion claims were not cryptographically verifiable and highlights operational lessons for public-sector incident response.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.