The New York Police Department (NYPD) pulled its LiveScan fingerprint tracking system offline after a ransomware virus spread to 23 machines connected to the database over the weekend.
The incident began on October 5, when a contractor installing a digital display at a Queens police academy plugged in an infected NUC mini-PC, the New York Post reports. The minicomputer spread an unidentified virus to 23 machines connected to the LiveScan system. Within hours, police detected the breach. NYPD cyber command and Joint Terrorism Task Force were alerted.
The ransomware never executed; however, the NYPD shut down its fingerprint scanning system for the night and reinstalled software on 200 computers across the city as a precaution. Its team was bringing the system back online by early Saturday morning, Deputy Commissioner for Information Technology Jessica Tisch told the Post.
Officials have not disclosed the vendor, which was questioned but ultimately not charged. An NYPD spokeswoman told the publication this affected 0.1% of the department's computers. That said, the NYPD database is linked to the Statewide Automated Fingerprint Identification System, which New York's Division of Criminal Justice Services says contains about 7 million files, the Post notes.
Read more details here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "Home Safe: 20 Cybersecurity Tips for Your Remote Workers."