U.S. Government Agency Paid $1M to Data Extortion Group Kairos
ID: adbd5953-dafa-52c7-8adf-bccf38ce8289
STIX ID: report--adbd5953-dafa-52c7-8adf-bccf38ce8289
Feed Name: Security Affairs
A Ransom-ISAC case study describes how the Kairos extortion group stole ~2 TB (1,602,775 files) from a U.S. government entity and pressured the victim with publication threats and deadlines, resulting in a ~9.44 BTC (~$1M) payment on June 13, 2025. The report notes no confirmed ransomware encryptor or locker binary—this was data-only extortion—covers the 28-day negotiation transcript, the victim impact (notification of ~45,487 residents/employees and exposure of sensitive PII), and blockchain tracing of funds to multiple exchange touchpoints; it emphasizes that deletion claims were not cryptographically verifiable and highlights operational lessons for public-sector incident response.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
