#### Cyberattack Details
**Point 1**: The Oregon Department of Environmental Quality (DEQ) was reportedly targeted by the ransomware group Rhysida, which claimed to have stolen sensitive employee information and attempted to auction it. [oregonlive.com, seattletimes.com, ijpr.org]
**Point 2**: DEQ confirmed a cyberattack on April 9, disrupting services including vehicle emissions inspections and forcing employees to work from their phones. Most servers and testing stations are now operational. [oregonlive.com, seattletimes.com, ijpr.org]

#### Response and Investigation
**Point 1**: DEQ has not confirmed the theft or details about Rhysida's demands, stating the investigation is ongoing. They deny engaging in ransom discussions with any entity claiming to have stolen DEQ data. [oregonlive.com, seattletimes.com]
**Point 2**: Rhysida, known for previous high-profile attacks, released over a million files on the dark web, including DEQ employee data, claiming the files were worth 30 Bitcoins. [oregonlive.com, ijpr.org]

Oregon DEQ Faces Cyberattack by Ransomware Group Rhysida

Cyberattack Details

Response and Investigation

Sources

The Oregonian

Center

Oregon DEQ won’t say if ransomware group took employee data in cyberattack

The Seattle Times

Left-Lean

Oregon agency won’t say if hackers stole data in cyberattack

Jefferson Public Radio

Left-Lean

Hackers release millions of files after Oregon DEQ cyberattack