BROWNSVILLE, Texas (ValleyCentral) — On Monday, a cyber security firm reported a Russian ransomware gang hacked the Brownsville Public Utility Board (BPUB).

Ransomware is a type of virus that attacks its victims at random usually through opening a spam email, according to Brett Callow, an Emsisoft threat analyst.

“Most ransom attacks are completely random,” said Callow. “They are the result of somebody opening a spam email.”

Emsisoft is similar to a watchdog group, the company is based in New Zealand and keeps track of ransomware attacks across the globe.

Callow notified ValleyCentral on Monday that the Russian ransomware gang LockBit listed BPUB on their website indicating BPUB’s information will be leaked if a ransom is not paid.

LockBit ransomware site

When we asked BPUB if they were aware of the breach in security, they did not confirm nor deny it until later on Monday night.

“Data security incident that impacted our systems, upon learning of the issues we did take immediate steps to make sure our environment was protected, we reach out to outside cyber security and data privacy professionals.”

Ryan Greenfeld, marketing and communications manger at BPUB

Though Greenfeld said they are investigating the incident, current customers’ information is safe.

“This investigation is going on, we are confident that our environment is currently secure,” said Greenfeld. “We are continuing to investigate and when we learn which data if any was compromised we will make sure to let our customers know.”

Callow said that Emsisoft believes LockBit is based in Russia after learning some hackers spoke Russian.

LockBit is an affiliate operation according to Callow, meaning though they make the ransomware in Russia they hire people around the world to send the virus to different entities.

“They use that stolen information as additional leverage to extort payments. They threaten they will release it online unless the organization pays,” said Callow. “So even if BPUB can recover its data through back up they still have to figure out what to do about the stolen data.”

Callow said LockBit has gained in popularity recently but has no correlation to the war happening between Russia and Ukraine.

BPUB said they do not have any more details yet, but plan to publish any new information learned from the investigation.