Cyber Incident Victim: Presque Isle Police Department

The Presque Isle Police Department experienced a ransomware attack that culminated in a public extortion attempt by unidentified threat actors in April 2021. On April 18, 2021, a ransom deadline countdown displayed on the attackers’ dark web site expired at approximately 9:30 p.m., marked by a timer with red numerals counting down minutes and seconds to zero. Following the deadline’s expiration, the threat actors did not immediately execute their threatened data leak but instead placed their site “on hold” with a “Coming Soon” message indicating pending updates. This suggested a temporary pause in their actions despite the elapsed deadline. The Bangor Daily News initially reported on the incident prior to the countdown’s expiration, drawing public attention to the situation.

Subsequent to the Bangor Daily News’ coverage, the threat actors attempted to escalate pressure by uploading a 150 MB archive purportedly containing department data to their dark web site. However, the provided download link for this archive was non-functional, preventing immediate access to the allegedly leaked information. Following this incomplete data release attempt, the attackers reset their countdown timer, granting the Presque Isle Police Department an additional seven days to respond to their demands before threatening further data disclosures. This extension indicated a tactical shift in the attackers’ approach, prolonging the extortion timeline while maintaining uncertainty about the full scope and validity of the compromised data. The department’s operational status, specific data types involved, and any direct interactions between the department and the threat actors were not disclosed in available reports.