In brief
- Ransomware group Rhysida reportedly stole sensitive data and personal information from the Maryland Department of Transportation.
- The collective is now auctioning off the contents for 30 BTC, or about $3.4 million worth.
- Ransomware payments were down 35% in 2024, but still amounted to $813 million in total.
Sensitive data swiped during a cybersecurity incident at the Maryland Department of Transportation is reportedly being auctioned for 30 Bitcoin, or $3.4 million worth, by hacking collective Rhysida Ransomware.
Based on auction details gathered by Dark Web Daily, the hacking collective allegedly stole sensitive personal data and information like social security numbers, addresses, dates of birth, and other identifying information.
It is now reportedly offering the data to a single party in the next seven days.
As part of a cybersecurity investigation, the Maryland Department of Transportation “confirmed incident-related data loss” related to unauthorized access of Maryland Transit Administration systems.
It urged users and state employees of the transportation authority to take action to help mitigate the potential effects, like updating passwords and software, and enabling two-factor authentication on their accounts.
The department did not elaborate further on the types of data and information that were subject to loss, and said the investigation was ongoing as of Monday. A representative for the Maryland Department of Transportation did not immediately respond to Decrypt’s request for comment.
Rhysida’s hacking collective has been operating since at least 2023, primarily targeting education, healthcare, manufacturing, information technology, and government sectors according to a memo from the Cybersecurity and Infrastructure Security Agency (CISA).
CISA adds that Rhysida actors typically threaten to publish sensitive data if ransom payments are not made, and direct victims to send those payments via Bitcoin.
Crypto is often used by ransomware operators due to the comparative difficulty of tracking payments compared to traditional, centralized methods.
In July, the Department of Justice sought forfeiture of $2.3 million worth of Bitcoin tied to ransomware attacks and operator group, Chaos. A month later, authorities in Texas sought a similar amount in forfeitures from a different ransomware operator which had extorted victims worldwide.
Ransomware attackers received around $813 million in extortion payments in 2024, down 35% from a record-setting $1.25 billion in payments from 2023 according to Chainalysis.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
in well organized HTML format with all tags properly closed. Create appropriate headings and subheadings to organize the content. Ensure the rewritten content is approximately 1500 words. Do not include the title and images. please do not add any introductory text in start and any Note in the end explaining about what you have done or how you done it .i am directly publishing the output as article so please only give me rewritten content. At the end of the content, include a “Conclusion” section and a well-formatted “FAQs” section.
