Hackers Say They Breached Oregon Agency; Officials Deny the Claim

Threat actors claim an alleged attack against a governmental agency in Oregon, while the agency says it has no evidence of a data breach.

Oregon regulatory agency suffers cyberattack

The Oregon Department of Environmental Quality (DEQ) recently suffered a cyberattack, forcing the agency to take several networks offline in an attempt to contain it.

Last week, on April 9, the DEQ disclosed that it had launched an investigation to determine the scope of the attack.

The attack impacted some of the agency’s operations, including vehicle inspection stations, email and help desk services. According to the agency, environmental data management systems came out unscathed, as they were hosted on a separate server.

No data breach evidence, claims the agency

The agency has released several updates since the attack, stating that it has no evidence of a data breach. In other words, the DEQ claims that, despite the incident, threat actors haven’t managed to exfiltrate any hosted data.

However, the infamous Rhysida ransomware group recently posted a statement, claiming the attack and subtly mocking the DEQ.

“They think their data hasn’t been stolen,” reads Rhysida’s post. “They’re sorely mistaken. Over 2.5 terabytes of unique data. (SQL, employee data and more)”

The perpetrators demand 30 BTC (approximately $2.5 million) for the allegedly stolen database, claiming they will only sell it to “one hand,” or, in other words, to a unique buyer.

Doubts about Rhysida’s claims

The cybercrime gang appended a seven-day countdown timer to the post, along with a low-resolution screenshot that seemingly depicts some data stolen from the DEQ.

Rhysida’s claims are on shaky ground, as the gang failed to provide any additional proof of the attack.

Threat actors often post batches of sample files from exfiltrated databases, or at least more than just one screenshot, to coerce victims into paying a ransom.

The importance of data breach preparedness

When individuals entrust their personal data to companies or other entities, they often relinquish control without fully realizing it. There’s little they can do to prevent mishandling or exposure, especially in the event of a data breach.

Taking precautions and preparing for worst-case scenarios with tools like Bitdefender Digital Identity Protection is crucial.

It provides an extensive overview of your online presence, including traces of data from no longer-used services. It notifies you if your data has been exposed in a breach and helps you patch weak spots in your digital footprint with quick, one-click action items.