Rhysida Ransomware Group Claims Breach of Peruvian Government, Authorities Deny Compromise The Rhysida ransomware gang has added the Peruvian government to its data leak site, alleging a breach of the gob.pe portal and demanding a 5 Bitcoin ransom (approximately $471,000). The group claims to have exfiltrated sensitive documents, though Peru’s Ministry of Government and Digital Transformation has firmly denied any compromise of its primary digital platform. In a statement, the government confirmed that www.gob.pe remains fully operational and dismissed reports of a domain hijacking as inaccurate. However, it acknowledged a separate cyberattack targeting www.satp.gob.pe, the tax administration website for the regional capital Piura. The attack, which occurred in late March 2025, briefly disrupted operations but was resolved within 48 hours. Authorities stated no data was stolen during the incident. The National Center for Digital Security (CNSD) responded by activating preventive measures and launching an investigation in coordination with national and international entities. The agency is also working directly with the affected institution to assess the scope of the attack. While Rhysida’s claims remain unverified, the incident underscores ongoing cyber threats to government infrastructure in the region.