A ransomware gang claims to have hacked the conservative media outlet the Washington Times and is threatening to auction off its data.
The group, a cybercrime gang known as Rhysida, announced in a post Tuesday to its site on the dark web that it would make the information available to the highest bidder in one week.
“With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” the group wrote. “Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!”
The group lists the price for the data at 5 Bitcoin, currently worth approximately $295,198.50.
While the group does not detail what the data supposedly includes, a screenshot accompanying the post shows what appear to be scans of numerous documents, including a Texas driver’s license and Social Security card.
In a statement to the Daily Dot, cybersecurity analyst Dominic Alvier said that based on the screenshot, it did not look as if the hackers obtained any critical data beyond what could be personal information linked to an employee.
The Daily Dot reached out to Rhysida to inquire about the alleged breach but did not receive a reply. It also remains unclear whether the hacking group entered into negotiations with the outlet.
As of Wednesday afternoon, the Washington Times does not appear to have publicly commented on the purported hack.
The outlet did not respond to an email sent by the Daily Dot by press time.
An advisory from the U.S. government last year notes that Rhysida, which leases out its ransomware to cyber criminals through a subscription-based model known as Ransomware as a Service (RaaS), targeted “the education, healthcare, manufacturing, information technology, and government sectors since May 2023.”
The group made headlines earlier this month after hacking a Florida county law enforcement agency and threatening to leak data including scans of driver’s licenses as well as fingerprints.
Rafe Pilling, the director of threat research at cybersecurity firm Secureworks, previously stated that while the identity of those in Rhysida remains unknown, the group displays patterns of behavior often seen from cybercriminals in Russia, Belarus, and Kazakhstan.
Internet culture is chaotic—but we’ll break it down for you in one daily email. Sign up for the Daily Dot’s web_crawlr newsletter here. You’ll get the best (and worst) of the internet straight into your inbox.