Ransomware hackers put stolen Maryland transportation data up for auction

A ransomware group has claimed responsibility for a recent cyberattack on the Maryland Department of Transportation and is auctioning off purported agency data.

State officials confirmed Monday that hackers got unauthorized access to Maryland Transit Administration systems and reported an “incident-related data loss.” The officials didn’t specify what data was stolen or say when the cyberattack occurred. The incident is being investigated.

The Rhysida ransomware group has claimed responsibility for the cyberattack. The organization claims to have people’s full names, Social Security numbers, dates of birth, home addresses, driver’s license details and passport information, according to the Daily Dark Web website that reports on cyberattacks.

The Rhysida group also says it has internal financial documents, confidential legal papers, attorney-client communication material and Maryland’s Department of Legislative Services audit information, according to Daily Dark Web.

Rhysida’s price for handing over the data is $3.28 million.

Maryland officials haven’t confirmed what data was taken or if Rhysida is, in fact, responsible.

“At this time we are unable to disclose specific or additional details regarding what data has been lost. … If it is found that personal information has been taken, the affected individuals will be notified by the state in accordance with state law and we will take appropriate actions and provide guidance,” MTA spokeswoman Veronica Battisti told Hagerstown’s Herald-Mail Thursday.

Maryland transportation officials encouraged department employees and users of the Maryland Transit Administration system to update software and passwords on their devices, use multi-factor authentication and to be wary of suspicious emails and links that could be phishing attempts.

Rhysida has been active since at least 2023, according to the Cybersecurity and Infrastructure Security Agency, part of the U.S. Department of Homeland Security.