CybersecurityJuly 5, 2026· via Security Affairs

U.S. agency quietly paid $1M to data extortionists without encryption

U.S. agency quietly paid $1M to data extortionists without encryption

Image : Security Affairs

A U.S. government agency paid roughly $1 million in Bitcoin to a threat actor known as Kairos last June—despite Kairos never deploying ransomware. Instead, the group relied on data theft and the threat of public exposure to extract payment, according to a new case study by Ransom-ISAC.

A shift in tactics, not terminology

The incident underscores how cyber extortion has evolved beyond encrypting files. Kairos allegedly gained access via brute-force credential attacks, claimed control of more than 1.6 million files and 2 terabytes of data, and demanded payment to prevent publication. No encryption tool, decryption key, or locker binary was involved, yet the victim still classified the event as a ransomware attack. The report suggests the term may no longer reflect the reality of many incidents.

Who is Kairos—and who was targeted?

Ransom-ISAC’s reconstruction points to a small county government that disclosed a network intrusion in May 2025. While neither the county nor Kairos has confirmed the link, leaked negotiation documents reference internal files and a post-payment archive named “union.rar,” matching public disclosures from Union County, Ohio. The county notified 45,487 residents and employees after discovering the breach, which involved stolen Social Security numbers, financial details, fingerprints, and passport numbers. Officials said they detected “ransomware” in their notification letter, highlighting how the label can obscure the actual method of compromise.

The case serves as a reminder that robust access controls and continuous monitoring remain critical defenses against credential-based intrusions, even when encryption isn’t the attacker’s endgame.


Source: Security Affairs. AI-assisted editorial synthesis — TechnoExpress.

Read the original source on Security Affairs →

← Back to home