DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Rhysida ransomware group claims attack on Martinique

Posted on June 4, 2023 by Dissent

A ransomware group that first emerged in May has added the government of Martinique to its leak site.

The logo of the Collectivite Territoriale de Martinique with text: "The territorial collectivity of Martinique is a single French territorial collectivity that succeeds the overseas department and region of Martinique in all their rights and obligations on January 1, 2016." 100% of documents leaked: "all files was uploaded to public access, data hunters, enjoy"

 

Although there is no current notice on Martinique’s Facebook page, on May 24, they posted a notice about the cyberattack:

A machine translation of the notice reads:

#Cyberattack
Implementation of the continuity plan

On May 16, 2023, a cyberattack impacting the Community was detected. As soon as it was discovered, measures were taken to isolate the information system and stopping the attackers: this disrupts heavily on the activities of the community and directly impacts its users and partners.

The teams, accompanied by cybersecurity experts, are mobilized to identify the causes of this attack and gradually restore the activities, in particular on the priority themes that are the finance, solidarity and education.

Regarding the solidarity services, the Collectivity makes every effort to ensure the payment of the social benefits due.

Regarding the education services, technical solutions are set up to restore internet access to colleges and high schools.The services of the rectorate and the CTM coordinate in order to ensure the good performance of exams.

Regarding financial services, from Thursday, the Community will be able to issue purchase orders and ensure the payment of bills. These must be filed in the format paper from the “mail” service in Plateau Roy.

Concerning aid and subsidy services, the filing of requests will be made in paper format to the “mail” service at Plateau Roy due to the unavailability of dedicated platforms.

There does not seem to be any update on their Facebook page since then.

Small portion of list of documents as dumped by Rhysida.
Image: DataBreaches.net

 

DataBreaches did not review all of the files leaked by the Rhysida ransomware group, but as the screencap of just a small portion of the file listing suggests, they do appear to be government-related files. Unlike other groups that often provide a brief summary of what kinds of files they are leaking, Rhysida offers no information on the size of the data leak or its contents.

 

DataBreaches attempted to contact Rhysida to ask whether they had locked Martinique’s files and whether Martinique had attempted to negotiate with them at all.  DataBreaches also sent an email to Martinique asking them a number of questions about the claimed attack and data leak. Replies were not received by publication from either, but if the attack occurred on or about May 16, and there are leaked files dating to shortly before that date, then Rhysida didn’t wait long to dump the data.

Because Rhysida ransomware first appeared in May, not much is known about the ransomware or the group. The Martinique listing is one of four listings on the leak site, with the other listings being an English school, a Swiss manufacturer, and an Australian immunodiagnostic tech firm. If Rhysida has any particular focuses or sector, it is not yet clear. And unlike some other groups like BlackCat, LockBit, and Royal, they do not seem to be listing victims to warn them publicly before leaking them. The only entries on the site currently are the ones that they have leaked totally. None of the listings indicate when Rhysida attacked or encrypted the victims.

Sentinel One and Secplicity both provide early information and analyses of Rhysida ransomware and how the group operates.

 

 

Related posts:

  • 1749 French based Sites Defaced by CwGhost.
  • Operation Anti Security Breakdown and targets, the full time line
  • Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.
Category: Breach IncidentsGovernment SectorMalwareNon-U.S.

Post navigation

← Hackers Using MOVEit Flaw to Deploy Web Shells, Steal Data
Mission Community Hospital attackers exploited vulnerabilites in Paragon and Cisco →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.