HQ/EMEAFind out how we can help your business
The notorious Rhysida ransomware group has claimed responsibility for cyberattacks against two government institutions, raising concerns about sensitive data security.
The first victims of these recent cybercriminal sprees were the city of Gondomar in Portugal. Gondomar officials revealed last month that their municipality had fallen victim to a cyberattack. They immediately shut down critical systems and promptly contacted the National Cybersecurity Center, the National Data Protection Commission, and local law enforcement agencies to report the attack.
The impact of the cyberattack has reached various places after it disrupted numerous municipal services. Initially, the city officials explained that online services would be out of operation for a week, leaving residents with limited access to online services.
However, they clarified that citizens could still personally visit government offices for bill payments, permits, and other essential tasks.
The town continued to execute mitigation processes with the attack’s impact. Email systems remained inaccessible, making it challenging to maintain communication with residents. However, they have repeatedly appealed to residents, urging them to visit their offices for pressing physical needs.
Unfortunately, the extent of the breach is still a mystery since the officials have yet to disclose if the resident data suffered a compromise. Furthermore, the city officials remained silent in response to inquiries regarding when services would return to normal.
The Rhysida ransomware group also attacked a Dominican Republic agency.
In addition to the assault on Gondomar, the Rhysida ransomware group has claimed a separate attack on the Dominican Republic’s Migration Agency, which oversees the nation’s immigration system.
The agency has confirmed this incident, stating that the hackers successfully infiltrated and stole data. A Dirección General de Migración spokesperson admitted the rising global trend of such incidents, particularly in governmental institutions, where international cybercriminal groups have surged in recent years.
They emphasised that every government entity should work closely with authorities to evaluate the scope of the breach and take decisive action to minimise the impact and protect the privacy of those affected.
Town officials revealed they detected unusual activities last month and quickly notified the country’s National Cybersecurity Center. The confirmed breached data included the residents’ names, addresses, and birthdates.
In addition, they explained that they have collaborated with relevant agencies to address the attack after detecting the breach. Their primary objective is to implement remedial measures, reinforce security controls, and closely monitor any potential irregular activities.
The Rhysida ransomware group have made this organisation’s information available on their leak site and demanded a ransom from the country, setting a seven-day deadline. They offer to sell this information for 25 BTC, equivalent to approximately $700,000.
