Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Oregon Department of Environmental Quality

Group: rhysida

Discovered by ransomware.live: 2025-04-15

Estimated attack date: 2025-04-15

Country: US

Description:

Oregon Department of Environmental Quality They think their data hasn't been stolen. They're sorely mistaken.Over 2.5 terabytes of unique data. (SQL, employee data and more)We are waiting for your suggestions.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 17

Compromised Users: 2299

Third Party Employee Credentials: 4

External Attack Surface: 111

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • oregon-gov.mail.protection.outlook.com.
TXT Records
  • _48r3s61o0ssgbz37n2v5vpsb0kpv9k3
  • apple-domain-verification=ayYd1MAZLS3RsocU
  • VxIWElxqbFa6vg6b+RSDPcT5+Gw6u51rCADf+zvDwecKxYnogD24uK3g+nvpy/vP9p+UPlWaXK2bqiVdDc+xgA==
  • MS=ms13446976
  • zxz2hph1qrn8qnf2hlpybxv27nwgdfjy
  • v=spf1 ip4:198.177.16.66/28 ip4:159.121.206.33 include:_spf.orshared.oregon.gov -all
  • smartsheet-site-validation=4BJDuv2e6Csh2WF2sDaX5W9BTlzRpu0N
  • adobe-idp-site-verification=9d3db4f5ea25997ab3196ccccc242b6888b71f86717827a35105753c3f4dfd0b
  • MS=ms85627398
Cloud / SaaS Services Detected
Adobe Apple Microsoft 365