Officials investigating the Bitcoin-fueled ransomware attack that hit Baltimore City last month believe the hackers have leaked government documents on Twitter.

A Twitter account claiming to be owned by the hackers appears to have been used to leak the sensitive documents, The Baltimore Sun reports.

The now-suspended account posted a document detailing a woman’s medical history last month, and claimed to have numerous other potentially sensitive documents.

According to reports, the account has been taunting the city’s mayor, Bernard C. “Jack” Young.

No personal data has been stolen in the attack, according to a spokesperson from the mayor’s office.

That said, the hackers‘ Twitter account allegedly messaged a Baltimore Sun reporter claiming to have financial documents and citizens’ personal information. The supposed hacker threatened to leak the documents to the dark web.

What happened?

The ransomware attack began in early May and crippled the computer systems of the local government. Many still remain offline with only one third of Baltimore City employees having had their access restored.

The effects were felt across the city, beyond just government systems. The real estate business had to figure out an old-fashioned workaround after clearing systems were unable to process payments. In one case, home buyers were unable to move in as their property settlement was postponed indefinitely, The Baltimore Sun reported.

The city’s mayor has held firm and continues to refuse to pay the ransom, which was around $76,000 worth of Bitcoin BTC when the attack began.

It’s estimated though, that the attack has cost taxpayers somewhere in the region of $18 million. With that in mind, maybe the mayor should have just paid up, and then gone after the attackers to bring them to justice. But that’s all in hindsight of course.

That said, an investigation by ProPublica found that even industry professionals sometimes just pay the hackers, rather than trying to decrypt compromised hard drives.