Six suspected drug dealers went free after police lost evidence in ransomware attack

Seventh incident of its kind when police investigations were impacted by a ransomware infection.
Written by Catalin Cimpanu, Contributor
Image: Stuart Police Department

US prosecutors were forced to drop 11 narcotics cases against six suspected drug dealers after crucial case files were lost in a ransomware infection at a Florida police department.

The evidence in the 11 cases could not be recovered following a ransomware attack that hit the Stuart police department in April 2019.

While Stuart police recovered some data from backups, some files could not be recovered.

Also: 30 years of ransomware: How one bizarre attack laid the foundations for the malware taking over the world 

Lost files included photo and video evidence, Detective Sergeant Mike Gerwan with the Stuart Police Department told WPTV in an interview last week.

Gerwan said the dropped cases included charges for possession of meth, possession of cocaine, selling narcotics, manufacturing narcotics, and delivering narcotics, among others.

Previous cases of police losing data

However, while the Stuart police ransomware incident looks bad, it is not an isolated case. Ransomware infections have been wreaking havoc across the US for the past four years, and what happened in Stuart has also happened in other places, with other police departments losing crucial case evidence, or having activities disrupted in a severe way.

The most notable past incidents include:

January 2017 - Police in Cockrell Hill, Texas admitted to losing eight years worth of evidence following an infection with the Osiris ransomware.
May 2018 - Police in Riverside, Ohio lost ten months worth of cases after a ransomware infection. They got reinfected a month later, but the second time around they were prepared and didn't lose any additional files.
June 2018 - Atlanta officials discovered that the city's police department lost almost two years of police car dash-cam video evidence following a March 2018 ransomware attack.
July 2019 - Police in Lawrenceville, Georgia lost case-related files and bodycam footage following a ransomware incident. It remains unclear how much data the police department lost, as there are conflicting reports ranging from weeks to years worth of case evidence.
July 2019 - A ransomware infection impacted police car laptops for the Georgia State Patrol, Georgia Capitol Police, and the Georgia Motor Carrier Compliance Division. Police car laptops and dash-cams remained down and unable to record new video evidence for more than a month.
December 2019 - The St. Lucie County Sheriff's Office in Florida lost a week's worth of emails and evidence following a ransomware infection, even if the office restored from backups.

The FBI's most wanted cybercriminals

Editorial standards