Categories: Government

Rasputin Hacker Attack on Government Agencies and Universities

Background

In February of 2017, the magazine Computer World published the following article:

A “Russian-speaking and notorious financially-motivated” hacker known as Rasputin has been at it again, hacking into universities and government agencies this time, before attempting to sell the stolen data on the dark web.

According to the security company Recorded Future, which has been tracking the cybercriminal’s breaches, Rasputin’s most recent victims include 63 “prominent universities and federal, state, and local U.S. government agencies.” The security firm has been following Rasputin’s activity since late 2016 when the hacker reportedly breached the U.S. Electoral Assistance Commission and then sold EAC access credentials.

Continue scrolling for more...

Recorded Future claims that Rasputin’s victims are “intentional targets of choice based on the organization’s perceived investment in security controls and the respective compromised data value. Additionally, these databases are likely to contain significant quantities of users and potentially associated personally identifiable information (PII).”

All of the hacked agencies and universities have been notified about the breaches by Recorded Future. There were 16 U.S. state government victims, 6 U.S. cities and four federal agencies. Additionally, there were two “other” .gov sites which included Fermi National Accelerator Laboratory, “America’s premier particle physics lab,” and the Child Welfare Information Gateway, which is “a service of the Children’s Bureau, Administration for Children and Families, U.S. Department of Health and Human Services.”

They printed a list of those that were attacked and breached:

I filed FOIA requests to the various agencies attacked, and will archive the responsive records below.

Document Archive

Postal Regulatory Commission

 Documents Released March 31, 2017 [124 Pages, 26.7MB] – It appears that although reported to have been hit by the attack, internal documents show they were clean and there were no signs of an intrusion.

 

Follow The Black Vault on Social Media:

This post was published on August 20, 2017 11:16 pm

John Greenewald

Recent Posts

FOIA Appeal Adds New Dog Bite Details from Biden White House, Confirms Video Evidence Withheld

Newly obtained Secret Service records continue to shed light on the numerous biting incidents involving…

September 26, 2025

DoD Redacts Nearly All Records Explaining AARO’s Use of Law Enforcement Exemption for UAP Files

The Department of Defense (DoD) has released a set of heavily redacted emails in response…

September 25, 2025

Pentagon Denies Existence of “Yankee Blue” Memo Reported by Wall Street Journal

A Freedom of Information Act (FOIA) response has raised new questions about a widely circulated…

September 16, 2025

DoD Says Aerospace Firms Went “On the Record” About UAP — Then Refuses to Acknowledge Records Exist

In March 2024, the Department of Defense (DoD) published publicly its Report on the Historical…

September 6, 2025

NASA Cites FOIA Exemption to Withhold James Webb Briefing Content Despite Public Hearing

In September 2024, a Freedom of Information Act (FOIA) request was filed with NASA seeking…

September 3, 2025

FBI Files: Historical Figures & Groups

Background Welcome to the FBI Files on Historical Figures & Groups archive at The Black…

August 31, 2025