Categories: Government

Rasputin Hacker Attack on Government Agencies and Universities

Background

In February of 2017, the magazine Computer World published the following article:

A “Russian-speaking and notorious financially-motivated” hacker known as Rasputin has been at it again, hacking into universities and government agencies this time, before attempting to sell the stolen data on the dark web.

According to the security company Recorded Future, which has been tracking the cybercriminal’s breaches, Rasputin’s most recent victims include 63 “prominent universities and federal, state, and local U.S. government agencies.” The security firm has been following Rasputin’s activity since late 2016 when the hacker reportedly breached the U.S. Electoral Assistance Commission and then sold EAC access credentials.

Continue scrolling for more...

Recorded Future claims that Rasputin’s victims are “intentional targets of choice based on the organization’s perceived investment in security controls and the respective compromised data value. Additionally, these databases are likely to contain significant quantities of users and potentially associated personally identifiable information (PII).”

All of the hacked agencies and universities have been notified about the breaches by Recorded Future. There were 16 U.S. state government victims, 6 U.S. cities and four federal agencies. Additionally, there were two “other” .gov sites which included Fermi National Accelerator Laboratory, “America’s premier particle physics lab,” and the Child Welfare Information Gateway, which is “a service of the Children’s Bureau, Administration for Children and Families, U.S. Department of Health and Human Services.”

They printed a list of those that were attacked and breached:

I filed FOIA requests to the various agencies attacked, and will archive the responsive records below.

Document Archive

Postal Regulatory Commission

 Documents Released March 31, 2017 [124 Pages, 26.7MB] – It appears that although reported to have been hit by the attack, internal documents show they were clean and there were no signs of an intrusion.

 

Follow The Black Vault on Social Media:

This post was published on August 20, 2017 11:16 pm

John Greenewald

Recent Posts

The DoD Inspector General’s Evaluation of the DoD’s Actions Regarding Unidentified Aerial Phenomena

This article was originally written in August 2024. However, additional document releases related to these…

July 15, 2025

Do Not Respond: Pentagon Staff Instructed to Ignore The Black Vault’s UAP Inquiry

The Department of Defense (DoD) has released 151 pages of internal records related to the…

July 15, 2025

U.S. Government Confirms Multiple Drone Incursions Over Pantex Nuclear Facility; Newly Released Documents Reveal Previously Unreported Security Events

The U.S. Department of Energy (DOE) has released a series of previously undisclosed documents confirming…

July 12, 2025

Air Force Confirms Drone Swarms Over Wright-Patterson AFB Led to Airspace Shutdown; Videos and Reports Released

Newly released Air Force records confirm that Wright-Patterson Air Force Base (WPAFB) in Ohio experienced…

July 11, 2025

Navy Withheld Nearly 500 Pages About UAP Video Release Decision, Records Show FOIA Pressure Drove Disclosure

Newly released documents obtained through the Freedom of Information Act (FOIA) reveal that the U.S.…

July 9, 2025

CIA Mishandles UFO Files Again: Intelligence on Soviet UFO Reports Lost Forever

The CIA’s history of losing or mismanaging UFO-related records continues with yet another example, this…

July 7, 2025