The Oregon cyberattack that hit the state’s environmental agency earlier this month has left many questions still unanswered, including whether sensitive information was stolen.
The Oregon Department of Environmental Quality (DEQ) first disclosed the cyberattack about two weeks ago but has so far refused to confirm if hackers accessed internal data. Reports have suggested that ransomware group Rhysida may be behind the breach, but the department has not officially verified that claim.
In a news release on Friday, DEQ said the allegations mentioned in recent media reports are part of its ongoing investigation into the cyber incident. Agency spokesperson Lauren Wirtis declined to say whether Rhysida had contacted the department or issued a ransom demand. DEQ emphasized that it has not entered ransom negotiations with any party claiming to have stolen information.
The impact of the Oregon cyberattack has already been significant. Services like vehicle emissions testing and internal email systems were disrupted in the immediate aftermath, forcing employees to rely on their phones while systems were restored.
Progress has been made in the recovery efforts. Most servers are now back online, and hundreds of employees have shifted to working on laptops. The department explained that all potentially impacted servers and devices must be rebuilt to remove any lingering threats from the cyberattack.
While DEQ officials have remained cautious about linking the attack directly to Rhysida, cybersecurity experts are watching closely. The group has previously been tied to attacks on Seattle-Tacoma International Airport and the city of Columbus, Ohio.
As investigations into the Oregon cyberattack continue, the agency has pledged to share verified information when possible. For now, the extent of the breach and the true impact on employee data remains unclear.
The Oregon cyberattack that hit the state’s environmental agency earlier this month has left many questions still unanswered, including whether sensitive information was stolen.
The Oregon Department of Environmental Quality (DEQ) first disclosed the cyberattack about two weeks ago but has so far refused to confirm if hackers accessed internal data. Reports have suggested that ransomware group Rhysida may be behind the breach, but the department has not officially verified that claim.
In a news release on Friday, DEQ said the allegations mentioned in recent media reports are part of its ongoing investigation into the cyber incident. Agency spokesperson Lauren Wirtis declined to say whether Rhysida had contacted the department or issued a ransom demand. DEQ emphasized that it has not entered ransom negotiations with any party claiming to have stolen information.
The impact of the Oregon cyberattack has already been significant. Services like vehicle emissions testing and internal email systems were disrupted in the immediate aftermath, forcing employees to rely on their phones while systems were restored.
Progress has been made in the recovery efforts. Most servers are now back online, and hundreds of employees have shifted to working on laptops. The department explained that all potentially impacted servers and devices must be rebuilt to remove any lingering threats from the cyberattack.
While DEQ officials have remained cautious about linking the attack directly to Rhysida, cybersecurity experts are watching closely. The group has previously been tied to attacks on Seattle-Tacoma International Airport and the city of Columbus, Ohio.
As investigations into the Oregon cyberattack continue, the agency has pledged to share verified information when possible. For now, the extent of the breach and the true impact on employee data remains unclear.
