Cyber gang Rhysida claims data theft from Stuttgart city
The criminal organization Rhysida claims to have stolen extensive documents from the IT systems of the city of Stuttgart and is demanding ransom.
(Image: heise medien)
The cyber gang Rhysida claims to have infiltrated the city of Stuttgart and copied sensitive documents from its IT systems. The online gang is demanding ransom. Stuttgart is currently investigating the claims.
Overall, Rhysida is currently running a seven-day countdown on its darknet site. During this time, “exclusive, unique, and impressive data” from the state capital Stuttgart is for sale. Interested parties can pay 5 Bitcoin, which at the current exchange rate is around 333,000 Euros. The criminal perpetrators promise to sell the data only once, with the buyer(s) remaining the sole owners.
On the detail page in the darknet for the Rhysida attack, a few heavily downscaled images of scanned and photographed documents, invoices, and faxes can be seen. The scope and potential sensitivity of the data cannot be inferred from these.
City of Stuttgart investigates
When asked by heise online about the alleged attack, a spokesperson for the state capital of Baden-Württemberg was rather tight-lipped. “The published information is currently being examined together with the responsible authorities. According to the current status, the state capital of Stuttgart has no indications of a cyber incident. Further details cannot be provided at this time due to ongoing investigations.”
Apparently, the attack is limited. The city's website can still be accessed without problems. Communication is also possible. It also appears that no data has been encrypted, as was common in previous ransomware attacks.
Videos by heise
The cyber gang Rhysida has been active for years; in 2023, for example, the British Library fell victim to them, which then struggled with weeks of downtime. At that time, data encryption was often observed, although the Rhysida gang made beginner mistakes in implementing the encryption, which allowed South Korean IT researchers to develop and provide a free decryption tool. Last year, they also attacked the German Welthungerhilfe and stole data there as well; at that time, the gang demanded 20 Bitcoin, four times as much as from Stuttgart now.
(dmk)
