According to the security company\u00a0Recorded Future, which has been tracking the cybercriminal\u2019s breaches, Rasputin\u2019s most recent victims include 63 \u201cprominent universities and federal, state, and local U.S. government agencies.\u201d The security firm has been following Rasputin\u2019s activity since late 2016 when the hacker reportedly\u00a0breached\u00a0the\u00a0U.S. Electoral Assistance Commission\u00a0and then sold EAC access credentials.<\/strong><\/em><\/p>\n Recorded Future claims that Rasputin\u2019s victims are \u201cintentional targets of choice based on the organization\u2019s perceived investment in security controls and the respective compromised data value. Additionally, these databases are likely to contain significant quantities of users and potentially associated personally identifiable information (PII).\u201d<\/strong><\/em><\/p>\n All of the hacked agencies and universities have been notified about the breaches by Recorded Future. There were 16 U.S. state government victims, 6 U.S. cities and four federal agencies. Additionally, there were two \u201cother\u201d .gov sites which included\u00a0Fermi National Accelerator Laboratory, \u201cAmerica\u2019s premier particle physics lab,\u201d and the\u00a0Child Welfare Information Gateway, which is \u201ca service of the Children’s Bureau, Administration for Children and Families, U.S. Department of Health and Human Services.\u201d<\/strong><\/em><\/p>\n They printed a list of those that were attacked and breached:<\/p>\n I filed FOIA requests to the various agencies attacked, and will archive the responsive records below.<\/p>\n![\"\"](\"http:\/\/www.theblackvault.com\/documentarchive\/wp-content\/uploads\/2017\/08\/2017-08-20_16-09-01.jpg\")
<\/p>\nDocument Archive<\/h3>\n
Postal Regulatory Commission<\/h4>\n
![](\"https:\/\/www.theblackvault.com\/images\/pdf.gif\")
\u00a0