Supply chain
⛓ Supply Chain
NYPD Fingerprint Database Third-Party Breach (December 2019)
Primary Source ↗Incident Details
NYPD Fingerprint Database Infected With Ransomware by Third Party Contractor - CPO Magazine. Attempted ransomware attack on NYPD fingerprint database was the result of a “bumbling” third-party contractor who was installing video equipment at one of the department’s training academies.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- not disclosed
- Supply Chain Attack
- ✅ Confirmed third-party / vendor compromise
Timeline
- 2019-12-01 Breach occurred
- 2019-12-10 Publicly disclosed