Ransomware gang Rhysida today claimed responsibility for a cyber attack last week at the the Oregon Department of Environmental Quality which forced the department to shut down the email system, computer workstations, help desk, and vehicle inspection stations. Most of those services were brought back online by April 14.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Rhysida is a ransomware group that first surfaced in May 2023. Its ransomware can steal data and lock down targeted systems. It then demands a ransom both for deleting stolen data and for a key to restore infected systems. Rhysida operates a ransomware-as-a-service business in which affiliates pay Rhysida to use its malware and infrastructure to launch attacks and collect ransoms.”
“Rhysida claimed 86 confirmed ransomware attacks since it began, compromising more than 5.4 million records. It made another 104 attack claims that haven’t been acknowledged by the targeted organizations. Its average ransom demand is $1.07 million.”
“In 2025 so far, Comparitech researchers have logged 15 confirmed ransomware attacks on US government entities, plus 22 unconfirmed claims.”
“In addition to data theft, ransomware attacks on US government entities can disrupt computer access to essential services, payments, communications, and stored files. Officials must then either pay a ransom or face extended downtime, data loss, and putting constituents at increased risk of fraud.”
Rhysida is pretty busy as I have been writing about them a lot lately. Clearly this is a group that merits closer attention.
Related
This entry was posted on April 15, 2025 at 2:05 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Rhysida says it hacked the Oregon Department of Environmental Quality
Ransomware gang Rhysida today claimed responsibility for a cyber attack last week at the the Oregon Department of Environmental Quality which forced the department to shut down the email system, computer workstations, help desk, and vehicle inspection stations. Most of those services were brought back online by April 14.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“Rhysida is a ransomware group that first surfaced in May 2023. Its ransomware can steal data and lock down targeted systems. It then demands a ransom both for deleting stolen data and for a key to restore infected systems. Rhysida operates a ransomware-as-a-service business in which affiliates pay Rhysida to use its malware and infrastructure to launch attacks and collect ransoms.”
“Rhysida claimed 86 confirmed ransomware attacks since it began, compromising more than 5.4 million records. It made another 104 attack claims that haven’t been acknowledged by the targeted organizations. Its average ransom demand is $1.07 million.”
“In 2025 so far, Comparitech researchers have logged 15 confirmed ransomware attacks on US government entities, plus 22 unconfirmed claims.”
“In addition to data theft, ransomware attacks on US government entities can disrupt computer access to essential services, payments, communications, and stored files. Officials must then either pay a ransom or face extended downtime, data loss, and putting constituents at increased risk of fraud.”
Rhysida is pretty busy as I have been writing about them a lot lately. Clearly this is a group that merits closer attention.
Share this:
Like this:
Related
This entry was posted on April 15, 2025 at 2:05 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.