The City of Columbus, Ohio, confirmed that a July ransomware attack led to the theft of personal data belonging to 500,000 residents. Hackers accessed information, including names, birth dates, addresses, identification documents, Social Security numbers, and bank details, according to a regulatory filing with Maine’s attorney general. Columbus identified the attacker as a “foreign cyber threat actor” who infiltrated the city’s network.
Columbus, Ohio’s capital and most populous city with nearly 900,000 residents, reported that approximately half a million people were affected, but the exact number of victims remains undisclosed. On July 18, the city faced a ransomware attack that it claimed to have mitigated by disconnecting its network from the internet.
Rhysida, a known ransomware group, took responsibility for the attack in August, having previously targeted the British Library. The gang claimed to have stolen 6.5 terabytes of data, including databases, employee credentials, emergency service applications, and footage from city surveillance cameras. Reports suggest that Rhysida demanded 30 bitcoin—valued at $1.9 million at the time—to return the data.
Following the breach, Mayor Andrew Ginther stated that the stolen data had likely been “corrupted” and was “unusable.” This claim was challenged when cybersecurity expert David Leroy Ross, known as Connor Goodwolf, revealed the availability of personal data on the dark web. In response, Columbus filed a lawsuit against Ross in September, accusing him of threatening to share the stolen data. A temporary restraining order was issued, restricting Ross from accessing the information.
Featured image courtesy of The Register
Follow us for more updates on Columbus’ ransomware attack.