Information stolen in April 10 ransomware attack was posted on a dark web portal and includes private documents not published as part of public records. The move came after ransom negotiations between the two parties broke down following a ransomware attack earlier this month, on April 10. The files contain personally identifiable information about state prisoners, their grievances and cases, according to the post. DoppelPaymer, based on BitPaymer ransomware, emerged in 2019 as a significant cybercriminal threat and has been used since then to carry out a number of high-profile attacks.
Source: https://threatpost.com/doppelpaymer-leaks-illinois-ag/165694/