The Sumter County Sheriff’s Workplace is the newest sufferer claimed by the Rhysida ransomware group, which has threatened to leak knowledge together with scans of IDs and fingerprints.
The Florida county legislation enforcement company disclosed that it had skilled a ransomware assault in a Fb publish Tuesday, saying it might work with the Florida Division of Regulation Enforcement, Florida Digital Companies and different IT professionals to conduct an investigation.
The sheriff’s workplace additionally mentioned legislation enforcement response wouldn’t be impacted by the assault, however that entry to some information could be restricted throughout the investigation. It didn’t attribute the assault or say whether or not any knowledge was uncovered within the incident.
The Rhysida ransomware gang posted the Sumter County Sheriff’s Workplace on its leak web site Friday morning, with a screenshot posted by Emsisoft Risk Hunter Luke Connolly displaying a seven-day countdown for cybercriminals to bid on stolen knowledge. The beginning worth is listed at 7 bitcoin, or roughly $423,000.
One other screenshot printed by Comparitech reveals obvious samples of paperwork Rhysida claims to have stolen, which seems to incorporate scans of passports, driver’s licenses, Social Safety playing cards and fingerprints.
“We extremely advocate residents and staff of Sumter County stay on excessive alert for any phishing messages whereas monitoring accounts for suspicious exercise,” Rebecca Moody, head of knowledge analysis at Comparitech, wrote.
Rhysida continues assaults on authorities, healthcare
The Rhysida ransomware group has claimed a number of assaults on essential infrastructure over the previous yr. specifically in opposition to authorities companies and healthcare organizations.
Final week, the gang held an public sale asking for at the least 30 bitcoin (about $1.8 million) for six.5 TB of knowledge it mentioned it stole from the Metropolis of Columbus, Ohio. On Thursday, Rhysida printed greater than 3 TB of the Columbus knowledge, or greater than 250,000 information, in line with NBC4.
The printed knowledge appeared to incorporate payroll knowledge, database backups and knowledge on third-party distributors, Ohio State College Assistant Pc Science Professor Carter Yagermann advised 10 WBNS. The gang beforehand mentioned it had additionally stolen knowledge on metropolis emergency companies and surveillance cameras.
Columbus Mayor Andrew Ginther mentioned in a press release that “it has not been validated that the information is usable or helpful,” including that “the truth that the menace actor’s tried knowledge public sale failed is a powerful indication that the information lacks worth to those that would search to do hurt or revenue from it.”
Town had efficiently prevented the encryption of information throughout the July 18 assault and started providing free credit score monitoring to metropolis staff on Aug. 1.
Rhysida additionally took duty for an assault on Delaware-based Bayhealth Hospital on Thursday, asking for 25 bitcoin (almost $1.5 million) to forestall the discharge of knowledge. The gang additionally attacked Chicago-based Lurie Youngsters’s Hospital in January, the nationwide British Library in October, and Mississippi-based Singing River Well being System in addition to Prince George’s County Public Colleges in Maryland in August 2023.
Comparitech, which has been monitoring cyberattacks on U.S. authorities organizations, has famous 57 confirmed assaults in 2024, with numbers on observe to exceed the 78 confirmed assaults in 2023, Moody advised SC Media in an e mail. The typical ransom for assaults on U.S. authorities companies in 2024 is $750,000, in line with Moody.
“Ransomware assaults on governments give attention to inflicting as a lot disruption as doable by crippling key programs and stopping entry to very important information. This helps improve the menace actors’ probabilities of safety a fee,” Moody mentioned.
