Cybersecurity Breach at Maryland Department of Transportation
A recent cybersecurity breach at the Maryland Department of Transportation has resulted in the alleged theft of sensitive personal data, which is now being offered for sale by the hacking group known as Rhysida Ransomware. The group is reportedly auctioning off this compromised information for 30 Bitcoin, valued at approximately $3.4 million. This stolen data includes critical details such as social security numbers, home addresses, dates of birth, and other identifiers.
Response from the Maryland Department of Transportation
In light of this incident, the Maryland Department of Transportation has acknowledged that there has been a data loss due to unauthorized access to the Maryland Transit Administration systems. They are proactively advising users and employees of the transportation authority to take protective measures, including:
- Changing passwords
- Updating software
- Activating two-factor authentication to further secure their accounts
While the department has been transparent about the incident’s nature, they have refrained from detailing the specific types of data compromised and have confirmed that an investigation is still underway.
Threats from Rhysida Ransomware
A representative from the Maryland Department of Transportation has not yet commented on the situation. The Rhysida hacking group has been active since at least early 2023, primarily targeting sectors such as education, healthcare, manufacturing, IT, and governmental organizations, according to intelligence from the Cybersecurity and Infrastructure Security Agency (CISA).
CISA warns that members of Rhysida often threaten to make sensitive information public if their ransom demands are not met, instructing victims to make payments via Bitcoin— a cryptocurrency favored by ransomware gangs due to its relative anonymity compared to traditional financial systems.
Broader Context of Ransomware Attacks
In a related context, the Department of Justice has recently attempted to reclaim $2.3 million in Bitcoin linked to another ransomware group called Chaos. Similarly, authorities in Texas have pursued forfeiture of funds from a different ransomware group known for extorting victims globally. Notably, in 2024, ransomware attackers reportedly received about $813 million in ransom payments, representing a decrease of 35% from the record $1.25 billion obtained in 2023, as reported by Chainalysis.
