Ransomware Group: RHYSIDA

VICTIM NAME: Oregon Department of Environmental Quality

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the RHYSIDA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak involves the Oregon Department of Environmental Quality, a public sector organization in the United States. The attack was discovered on April 15, 2025, and reportedly impacted over 2.5 terabytes of data, including SQL databases and employee information. The organization believes their data was not compromised, but evidence suggests otherwise. The leak appears to include a substantial amount of internal information, and the attackers have indicated they are waiting for suggestions or instructions. The incident highlights the significant risks faced by government agencies in protecting sensitive data from cyber threats.

The attackers, identified as group Rhysida, have published details about various info-stealers used during the attack, such as RedLine, Lumma, and Raccoon, among others. They have also provided statistics related to the number of credentials and infostealer activity, revealing the scope of the data breach. The leak page contains references to multiple third-party domains, and the incident underscores the importance of cybersecurity measures within public organizations. Although no explicit screenshots or download links are provided, the seriousness of the breach is evident from the detailed statistics and the volume of leaked data.