Metropolis of Columbus: Information of 500,000 stolen in July ransomware assault

​The Metropolis of Columbus, Ohio, notified 500,000 people {that a} ransomware gang stole their private and monetary data in a July 2024 cyberattack.

Ohio’s capital metropolis (with a inhabitants of over 905,000) was hit by the ransomware assault on July 18. The ensuing outages affected varied providers and IT connectivity between public businesses.

Metropolis officers introduced on the finish of July that no methods had been encrypted and revealed that the Metropolis’s administration was nonetheless investigating the likelihood that delicate information had been stolen in the course of the breach.

The Rhysida ransomware gang claimed the assault the identical day, alleging that they had stolen databases containing 6.5 TB of knowledge, together with worker credentials, metropolis video digicam feeds, server dumps, and different delicate data.

After failing to extort the Metropolis, the menace actors began leaking the stolen information, publishing 45% of stolen information comprising 260,000 paperwork (3.1 TB) on the gang’s darkish net leak portal.

Following this, Columbus Mayor Andrew Ginther informed native media that the leaked information mustn’t concern the general public as a result of it was “encrypted or corrupted.”

Nevertheless, safety researcher David Leroy Ross (aka Connor Goodwolf) disputed the Mayor’s declare, sharing samples of the leaked information with media shops as an example that it contained unencrypted private data belonging to metropolis staff, residents, and guests.

City of Columbus data leaked on the dark web
Metropolis of Columbus information leaked on Rhysida ransomware gang’s portal (BleepingComputer)

The Metropolis filed a lawsuit alleging Goodwolf’s spreading stolen information was unlawful and negligent. It sought damages of $25,000 and a short lived restraining order and everlasting injunction in opposition to the researcher to stop additional dissemination of the leaked information. A Franklin County choose issued a short lived restraining order barring Goodwolf from downloading and disseminating the Metropolis’s stolen information.

Nevertheless, regardless of the Metropolis’s earlier claims that the leaked information was unusable, as proven in breach notification letter samples filed with Maine’s Workplace of the Legal professional Normal, it notified 500,000 people in early October that the attackers stole and printed a few of their private and monetary data on the darkish net.

“The information involved in the Incident may have included your personal information, such as your first and last name, date of birth, address, bank account information, driver’s license(s), Social Security number, and other identifying information concerning you and/or your interactions with the City,” the breach notification letters reveal.

Though the Metropolis has but to seek out proof their information was misused, it advises the people impacted by this breach to observe their credit score stories and monetary accounts for indicators of suspicious exercise.

It’s now additionally offering 24 months of free 24 months Experian IdentityWorks credit score monitoring and id restoration providers.

Recent articles