CLEVELAND — A person claiming to be the Cleveland Municipal Court hacker is demanding the court pay a $4 million ransom, or they say they will release thousands of stolen documents containing sensitive information.
The purported cyber-criminal reached out to News 5 via email shortly after the attack.
The attack began on Feb. 22, forcing the shutdown of both Cleveland Municipal Court and Cleveland Housing Court for over two weeks. The courts reopened to the public on March 12. However, a court employee told News 5 that court operations were still limited, and the municipal court's website was still not working.
RELATED: Cleveland Municipal Court is still not back to normal after cyberattack
What they told us
Through a series of email exchanges with a News 5 producer, the person claiming to be the hacker revealed what information they claimed they took from the court.
The first email was sent to News 5 on Feb. 25, two days after Cleveland Municipal Court announced it would be shut down over a cyber incident.
The message said, "Residents are being led by the nose... we are ready to tell you the details of the cyberattack."
When we asked for more information, they wrote, "The attack was carried out the night of February 22 and 23, this is exactly an attack."
"The group was online for a very long time, they needed to download very large amounts of personal data that were not protected in any way," they said. "Personal files (of the accused, convicts, employees, residents) were stolen. These are hundreds of thousands of documents."
"If the employees do not make any decision, all these documents will end up online," they added.
News 5 asked for proof.
The person purporting to be the hacker then sent us a list of file names they say they stole, which included thousands of spreadsheets and IRS forms, as well as vendors, such as banks and law firms.
News 5 then asked for more proof.
They sent screenshots containing what appears to be court employee personal information, including social security numbers, which we destroyed.
They also sent screenshots of messages that appear to be negotiations between them and court officials.
In one screenshot, the alleged hacker said the court's silence was "rudeness" and threatened to publish the stolen information on their blog.
In what appears to be the court's response, officials said they were not being silent. The message said, "Someone opened this not understanding what it really was and hadn't told us they did."
Did the court pay ransom?
After receiving emails from a person purporting to be the hacker, News 5 Investigators immediately reached out to Bryan Brandeberry, senior director of security operations of The E.W. Scripps Company, which owns News 5.
Brandeberry said it's difficult to determine whether the person who sent the e-mails to us perpetrated the attack or purchased the stolen information from the dark web.
"Either way, they're likely the people trying to extort money or ransom for the data," he said.
In an email to us, the alleged hacker said if the court pays the $4 million ransom, they would delete the stolen data and "nobody would ever know about it."
They even offered to "provide safety recommendations" to the court to avoid future hacks.
In an email to News 5 on Friday, the alleged hacker said the court had not paid the ransom.
The court's non-response
For weeks, News 5 Investigators have tried to get answers from Cleveland Municipal Court officials and to show them the information that was sent to us.
We've also repeatedly asked if anything has been done to warn court employees or the public that their information is at risk.
But no one from the court will talk to us or answer our questions.
This isn't the first time hackers have targeted the City of Cleveland.
You may remember a cyberattack that shut down city hall for several days last summer.
RELATED: Cleveland says it will not negotiate with cyberattackers
News 5 asked the alleged hacker if they were responsible for that attack.
They replied, 'No, this is not our job."
