Cyber Incident Victim: Camden County Police Department
Date:
Mar 2023
Location:
United States of America
Summary
The Camden County Police Department experienced a ransomware attack disrupting access to criminal investigative files and impairing internal administrative operations, though public safety services remained unaffected. The agency restored approximately 80-85% of locked files while collaborating with the FBI, New Jersey Homeland Security, and the state attorney general’s office to investigate and eliminate network threats. A separate cyberattack targeted the Camden County Prosecutor’s Office around the same period, similarly without operational disruptions. Neither incident was claimed by ransomware groups, reflecting broader trends of law enforcement agencies facing such attacks, which historically risk evidence compromise, leaked sensitive data, and procedural hindrances.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 13, 2023, the Camden County Police Department in New Jersey experienced a ransomware attack that compromised its systems. The department confirmed the incident publicly through spokesperson Dan Keashen, acknowledging that criminal investigative files and day-to-day internal administration capabilities were affected by the encryption. Despite the attack, the agency maintained operational continuity with no disruptions to public safety response services for Camden City's 523,000 residents. By early April 2023, approximately 80-85% of the encrypted files had been restored based on internal assessments reported by NBC News. The investigation involved multiple entities including the FBI, New Jersey State Homeland Security's office, and the New Jersey attorney general's office. External cybersecurity consultants and law enforcement professionals collaborated with the department to eliminate remaining network threats, though Keashen declined to share additional specifics citing restrictions from internal and external legal counsel. Parallel to this incident, the Camden County Prosecutor’s Office disclosed it had suffered a separate cyberattack occurring approximately one week after the police department breach, though no operational disruptions to countywide public safety services were reported. Both agencies emphasized ongoing coordination with information technology specialists to secure their networks. No ransomware group claimed responsibility for either attack as of early April 2023.
The Camden County incident reflects broader patterns of ransomware targeting law enforcement entities. Historical precedents include the 2021 attack on Washington D.C.'s Metropolitan Police Department and the 2018 breach affecting Atlanta's police systems, with more recent incidents impacting police departments in Oakland, Modesto, and San Francisco's transportation system. A February 2023 ransomware attack against the U.S. Marshals Service similarly compromised sensitive law enforcement data and personally identifiable suspect information. Industry analyst Brett Callow highlighted recurring risks from such breaches, including potential leaks of evidentiary materials, informant identities, and operational documents—instances documented in prior cases where prosecutions were abandoned due to compromised evidence. Callow referenced specific historical outcomes: law enforcement inability to conduct license verification during traffic stops, online publication of crime scene photographs depicting deceased individuals, and threats by criminal organizations to expose informant details obtained through stolen data. The Camden County attacks remained under active investigation with no publicly disclosed data exfiltration or specific operational hindrances beyond the temporary file encryption.