Here's what happened: the Rhysida ransomware group claims that they breached the Maryland Transit Administration (MTA) in late August and took a lot of confidential information from the agency. Now they are demanding 30 Bitcoin, about $3.4 million in total, for the return of the information. Wild, right?
What Was Taken?
According to the group, the following was taken:
- Names and birthdays
- Driver's licenses
- Social Security numbers
- Passports and identification documents
As proof, the group posted images of the driver's licenses and passports. They told MTA they have seven days to pay.
The MTA said there was a cyber incident, but it has not confirmed whether everything Rhysida claims is true, at least from the information available right now. They are still trying to determine what data was stolen and how many people are affected. They did say:
- "If there was a leak, they will work to notify them and provide some advice."
- Some services were impacted, including MobilityLink paratransit and parts of the real-time bus tracking system.
For now we are waiting.
Who Are These Rhysida Guys?
Rhysida has been active. Here is their activity history:
- 91 confirmed attacks to date, with approximately 5.5 million records leaked.
- Their average ransom has been approximately $1.1 million.
- This $3.4 million demand is one of their largest ever, just behind $5.8 million at the Port of Seattle.
- They previously demanded the same amount from Lurie Children's Hospital.
It is apparent they like to attack significant targets where the pressure is greatest.
Why Should You Care?
You might think: "I don't live in Maryland, so why does this matter?" Here is what you need to understand:
- If this information is accurate, there is a risk of identity theft for individuals.
- Transit riders still face service issues—some transit bus tracking is still down.
- Other hackers may take this as a 'green light' to target multiple public agencies.
- Phishing scams (fake emails and texts sent directly to you) tend to escalate following a breach.
If I lived in Maryland, I would already be checking my credit reports, changing my passwords, and enabling two-factor login.
What Follows?
The main questions are:
- Will the MTA actually pay the ransom?
- How many individuals' information was really breached?
- Can everyone impacted be notified promptly?
- Can MTA restore all of its online services as soon as possible?
Conclusion
This is not just about Maryland itself; it says more about public systems globally. If hackers can wreak havoc on a state transit authority, they can wreak havoc almost anywhere.
If you ride transit, use online services, or live in a digital world (that's all of us!), this story has a bearing on you. Stay alert, guard your information, and, probably more important, don't trust every email or message sent to you!