A ransomware group claims it hacked the Maryland Department of Transportation and is now selling sensitive, personal data on the dark web.
The website Daily Dark Web first reported the auction. The Rhysida ransomware group claims it has the full names, birth dates and home addresses of transportation agency employees. It shared images of a Maryland driver’s license, passport, Social Security card and other sensitive documents.
Part of the text reads, “Open your wallets and be ready to buy exclusive data.”
The auction for the data ends in less than a week and the starting price is 30 Bitcoin, which is worth more than $3 million.
In a statement to WTOP, Maryland Transit Administration spokesperson Veronica Battisti said, “The Maryland Transit Administration can confirm incident-related data loss at this point in our investigation.”
“At this time we are unable to disclose specific or additional details regarding what data has been lost because of the sensitivity of the ongoing investigation. If it is found that personal information has been taken, the affected individuals will be notified by the State in accordance with State law and we will take appropriate actions and provide guidance on recommended actions,” Battisti said in a statement to WTOP.
The state’s information technology department is working with third-party cyber experts to investigate the breach.
According to the Cybersecurity and Infrastructure Security Agency, Rhysida has been targeting the education, health care, manufacturing, information technology and government sectors since 2023.
Editor’s Note: The article has been updated to clarify that the investigation is ongoing as to whether personal information has been taken.
Get breaking news and daily headlines delivered to your email inbox by signing up here.
© 2025 WTOP. All Rights Reserved. This website is not intended for users located within the European Economic Area.
