A ransomware group took credit for a recent cyberattack on the Maryland Department of Transportation and is auctioning off purported agency data.
DOT officials confirmed Monday that hackers got unauthorized access to Maryland Transit Administration systems and reported an “incident-related data loss.” The officials didn’t specify what data was stolen or say when the cyberattack occurred. The incident is being investigated.
The Rhysida ransomware group claims responsibility for the cyberattack. The organization claims to have people’s full names, Social Security numbers, dates of birth, home addresses, driver’s license details and passport information, according to the Daily Dark Web website that reports on cyberattacks.
The Rhysida group also says it has internal financial documents, confidential legal papers, attorney-client communication material and Maryland’s Department of Legislative Services audit information, according to Daily Dark Web.
Rhysida’s starting price for handing over the data is $3.28 million.
Maryland officials haven’t confirmed what data was taken or if Rhysida is, in fact, responsible.
“At this time we are unable to disclose specific or additional details regarding what data has been lost. … If it is found that personal information has been taken, the affected individuals will be notified by the state in accordance with state law and we will take appropriate actions and provide guidance,” Maryland Transit Administration spokeswoman Veronica Battisti told Hagerstown’s Herald-Mail Thursday.
Maryland transportation officials encouraged department employees and users of the Maryland Transit Administration system to update software and passwords on their devices, use multifactor authentication and to be wary of suspicious emails and links that could be phishing attempts.
Rhysida has been active since at least 2023, according to the Cybersecurity and Infrastructure Security Agency, part of the U.S. Department of Homeland Security.
• Brad Matthews can be reached at bmatthews@washingtontimes.com.
Please read our comment policy before commenting.