The Washington, D.C., police department reported “unauthorized access” on its server, but said it was still determining the full impact of the breach.
The Metropolitan Police Department did not detail what information may have been exposed, who was behind the hack or if any demand has been made.
“We are aware of unauthorized access on our server,” police said in a statement. “While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.”
The police department has more than 4,000 sworn and civilian members and is among the 10 largest departments in the nation, according to its website.
The hackers are a ransomware gang, a strain of organized cybercrimals known for hacking into a network and either locking their victims' files or threatening to release their private information — or both — unless they pay an extortion fee.
The gang keeps a dark web blog of their exploits, which NBC has viewed. On Tuesday, the hackers posted screengrabs purported to be from MPD's servers, mostly of folders and file names they have access to. The leaked files also included a list, marked “Law Enforcement Sensitive,” of 11 alleged gang members, including their photos and arrest history.
In 2017, two Romanian citizens were charged in a ransomware scheme that targeted the department's surveillance camera computers. A larger attack on up to 179,600 other computers was being planned when the scheme was disrupted, the Justice Department has said.