Cyber Incident Victim: East Baton Rouge Sheriff’s Office
Date: Mar 2024
Location: United States of America
Summary
The East Baton Rouge Sheriff’s Office experienced an attempted cyber intrusion in which hackers acquired limited data, including screenshots of file folders and video footage; investigators confirmed the attackers were blocked from deeper network access. The Medusa ransomware group claimed responsibility, demanded a ransom, and leaked purported proof such as employee payroll records and prisoner information. The agency kept public services operational despite temporary network disruptions. Security upgrades were initiated, which may cause service interruptions, and the incident is under investigation with state and federal partners; no ongoing network access by the threat actor was detected.
Description
The East Baton Rouge Sheriff’s Office (EBRSO) detected an attempted cyber intrusion into its network on Friday, March 29, 2024, prompting an immediate security response. Investigators determined that hackers obtained a limited quantity of data before defensive software halted their progress, preventing deeper network infiltration. The compromised data included screenshots of file folders and images of video files; investigators confirmed that by Tuesday, April 2, the attackers no longer had network access. As a precaution, EBRSO disabled network access for potentially compromised computers while maintaining all public services. The Sheriff’s Office attributed the attack to actors seeking media attention through misinformation. No operational disruptions to law enforcement functions were reported.

EBRSO’s IT department initiated network security upgrades following the incident, warning that these enhancements might cause temporary interruptions to phone and internet services. Cybersecurity professional Tammy Anthony Baker identified the Medusa ransomware group as the perpetrators, having discovered stolen data on dark web leak sites. This data allegedly included employee payroll records, prisoner information, police operational plans, and CCTV footage from East Baton Rouge Parish Prison. Medusa demanded a $300,000 ransom with a nine-day deadline, threatening to release additional data. While most EBRSO public-facing systems remained functional, the parish prison inmate roster became inaccessible during the incident. The Sheriff’s Office collaborated with state and federal partners to investigate the breach and secure confidential information. The incident reflects a broader pattern of cyberattacks targeting Louisiana institutions, such as the 2023 Office of Motor Vehicles breach and the Southeastern Louisiana University incident.
