Categories: Government

Rasputin Hacker Attack on Government Agencies and Universities

Background

In February of 2017, the magazine Computer World published the following article:

A “Russian-speaking and notorious financially-motivated” hacker known as Rasputin has been at it again, hacking into universities and government agencies this time, before attempting to sell the stolen data on the dark web.

According to the security company Recorded Future, which has been tracking the cybercriminal’s breaches, Rasputin’s most recent victims include 63 “prominent universities and federal, state, and local U.S. government agencies.” The security firm has been following Rasputin’s activity since late 2016 when the hacker reportedly breached the U.S. Electoral Assistance Commission and then sold EAC access credentials.

Continue scrolling for more...

Recorded Future claims that Rasputin’s victims are “intentional targets of choice based on the organization’s perceived investment in security controls and the respective compromised data value. Additionally, these databases are likely to contain significant quantities of users and potentially associated personally identifiable information (PII).”

All of the hacked agencies and universities have been notified about the breaches by Recorded Future. There were 16 U.S. state government victims, 6 U.S. cities and four federal agencies. Additionally, there were two “other” .gov sites which included Fermi National Accelerator Laboratory, “America’s premier particle physics lab,” and the Child Welfare Information Gateway, which is “a service of the Children’s Bureau, Administration for Children and Families, U.S. Department of Health and Human Services.”

They printed a list of those that were attacked and breached:

I filed FOIA requests to the various agencies attacked, and will archive the responsive records below.

Document Archive

Postal Regulatory Commission

 Documents Released March 31, 2017 [124 Pages, 26.7MB] – It appears that although reported to have been hit by the attack, internal documents show they were clean and there were no signs of an intrusion.

 

Follow The Black Vault on Social Media:

This post was published on August 20, 2017 11:16 pm

John Greenewald

Recent Posts

FBI Files: Directors, Agents and Personnel of the Central Intelligence Agency (CIA)

Background The Central Intelligence Agency was created in 1947 with the signing of the National…

July 4, 2025

Private/Unlisted YouTube Videos of U.S. Government Agencies

Background Many U.S. government agencies and military branches have public YouTube pages. That is no…

July 3, 2025

FOIA Response Reveals Contact Between AARO and Enigma Labs; Details Remain Largely Redacted

In a new batch of documents obtained by The Black Vault, the Department of Defense…

July 3, 2025

FBI Files: Civil Rights Era

Background Movements for civil rights were a worldwide series of political movements for equality before…

July 1, 2025

FBI Files: Historical Figures & Groups

Background Welcome to the FBI Files on Historical Figures & Groups archive at The Black…

June 26, 2025

Emails From Pentagon Spokesperson Uncovered on Gimbal, FLIR1, and GoFast UFO Videos

The Department of Defense has released a collection of internal emails in response to a…

June 18, 2025