Ransomware gang Rhysida has this morning claimed the recent cyber attack on Sumter County Sheriff’s Office. Its proof pack appears to contain various IDs and biometric data (fingerprints). It has given the Sheriff’s Office six to seven days to pay its ransom before the data is released.
Sumter County Sheriff’s Office confirmed it had been hit with a ransomware attack on August 6, 2024. In its statement it said the attack hadn’t impacted its law enforcement service response but that access to records was limited. It didn’t comment on whether any data had been extracted or breached as a result of the attack.
Comparitech has reached out to the Sheriff’s Office to confirm Rhysida’s claims and to find out more information on what type of data may have been impacted. In the meantime, we highly recommend citizens and employees of Sumter County remain on high alert for any phishing messages while monitoring accounts for suspicious activity.
Who is Rhysida?
Rhysida is thought to have ties to the ransomware group Vice Society and first originated in May 2023. Since then, we have logged 51 confirmed attacks via this group. These attacks have affected nearly 3.5 million records and the average ransom has been just over $1 million.
Rhysida is also the group behind recent attacks on the City of Columbus, New Jersey City University, and New Mexico Law Offices of the Public Defender.
So far this year we’ve tracked 10 confirmed attacks via Rhysida and 33 unconfirmed attacks.
Ransomware attacks on US government entities
While the number of confirmed attacks we’ve tracked in the US this year so far is a reduction on the number noted in 2023, attacks on US government entities haven’t followed this same trend. Rather, this year we have noted 57 confirmed attacks on US government organizations, while 78 were noted throughout all of 2023. The average ransom across these attacks this year is $750,000.
This latest attack on Sumter County Sheriff’s Office joins the City of North Miami and the City of Killeen which have also confirmed attacks this month already.
Ransomware attacks on governments focus on causing as much disruption as possible by crippling key systems and preventing access to vital records. This helps increase the threat actors’ chances of securing a payment. A key example was the January attack on Washington County where an unknown group of hackers secured a $400,000 ransom after encrypting systems.
We have also tracked 21 unconfirmed attacks on US government organizations this year so far.