A cyber ransom gang has published thousands of digital files that it stole from the Scottish Environment Protection Agency.
The regulator had about 1.2GB of data lifted from its digital systems in a “complex and sophisticated” attack on Christmas Eve.
It is understood the theft was the equivalent to a fraction of the contents of an average laptop hard drive.
Some of the information stolen was already in the public domain but other files included staff and supplier information was not.
Sepa rejected a ransom demand for the attack carried out by the international Conti ransomware group.
4000 files including contracts, strategy documents and databases have been published on the dark web - a part of the internet only accessible through specialised software.
Speaking on the BBC this morning, Sepa chief executive Terry A'Hearn said: “We've been clear that we won't use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds.
“We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online.
“We're working quickly with multi-agency partners to recover and analyse data then, as identifications are confirmed, contact and support affected organisations and individuals."
Mr A’Hearn reassured the Scottish public that even though Sepa's emails and contacts centre were locked in the attack, its "priority regulatory, monitoring, flood forecasting and warning services were continuing to adapt and operate".
Det Insp Michael McCullagh, of Police Scotland's cybercrime investigations unit, said: “This remains an ongoing investigation.
“Inquiries remain at an early stage and continue to progress including deployment of specialist cybercrime resources to support this response.”
