The notorious LockBit ransomware organisation claims to have stolen secret data from the California Department of Finance, and the department has stated it is investigating a “cybersecurity issue.”

On Monday, the California Office of Emergency Services (Cal OES) released a statement describing the danger as a “intrusion” that had been “discovered via collaboration with state and federal security partners.”

Information on the nature of the event, the parties involved, and any stolen data were not included in the statement. Unfortunately, TechCrunch did not get a response to its inquiries from the California Department of Finance before publishing.

While the statement did not provide any details on the current inquiry, it did say that no state funds had been stolen and that the finance department was continuing to work on the governor’s budget, which will be revealed next month.

On Monday, the renowned LockBit ransomware group claimed credit for the assault, even though state authorities had been silent about the situation. Russia-linked organisation claims to have stolen 76GB of information from the agency, including “databases, private data, financial papers, certificates, IT documents, and sexual procedures in court,” according to a post on the group’s dark web leak site obtained by TechCrunch.

The screenshots provided by LockBit add some credibility to the ransomware group’s assertion, but it is still prudent to treat the group’s statements with caution. In June, the organisation falsely claimed to have broken into cybersecurity firm Mandiant. After a Mandiant investigation revealed several connections between LockBit and the U.S.-sanctioned Evil Corp gang, the ransomware group decided to stage the event to discredit Mandiant’s findings.

LockBit has given the California Department of Finance until December 24 to pay a ransom. The ransomware group has threatened to release all of the stolen material if the government agency does not pay up.

Just weeks before this recent hack, in November, the United States Department of Justice charged a Russian and Canadian man with LockBit for his alleged role in assaults against vital infrastructure and significant industrial entities throughout the globe.

According to the DOJ’s report at the time, LockBit has extorted tens of millions of dollars from victims in the United States by demanding ransom payments of at least $1,000 each.