The Associated Press reports that Babuk – which it describes as a "relatively new ransomware gang" – says the data it stole includes information on informants, which it threatened to share with local criminals unless police paid a ransom.
The group reportedly says it stole more than 250 gigabytes of data.
On Monday, the department confirmed for FOX 5 that it had suffered a data breach, and the Federal Bureau of Investigation was looking into it.
On Tuesday evening, DC Police Chief Robert Contee addressed the incident, saying the mechanism that allowed the breach to occur had been blocked.
He said D.C. police and other agencies are still trying to determine what data had been compromised.
"If it is discovered that personal information of our members or others was compromised, we will follow up with additional information," Contee said.
The Babuk group, a relatively new ransomware gang, said on its website that it had "downloaded a sufficient amount of information from your internal networks" and gave the police three days to contact it or "we will start to contact gangs in order to drain the informants."
A cyber security expert who spoke with FOX 5 said the ransomware attack could have used multiple avenues to gain access to police servers, and that it requires a multi-layered response including better cyber defenses and training.
"Babuk is a ransomware and they are relatively sophisticated so this was definitely a targeted attack. It's unclear how they got in as we discussed but they're very adept at using security vulnerabilities against organizations so they're just one of a number of ransomware groups that are getting more powerful because they're getting funded and they're getting more sophisticated in their attacks," said Cyber Defense Group Founder and CEO Lou Rabon.
The Associated Press says Babuk posted screenshots indicating they’d accessed data from at least four computers regarding gang conflicts, jail census data, and other administrative files.
So far this year, 26 government agencies in the U.S. have been hit by ransomware, with cybercriminals releasing online data stolen from 16 of them, said ransomware analyst Brett Callow of the cybersecurity firm Emsisoft. Ransomware victims don’t always pay, often preferring the arduous task of rebuilding networks from backups.
A worsening global epidemic of ransomware attacks is considered a national security threat by many, doing tens of billions of dollars in damage. U.S. law enforcement is relatively powerless to counteract it as most of the criminals enjoy safe harbor in Russia and other nations with weak rule of law.
The Associated Press contributed to this report.