November 4, 2024 at 09:58AM
In July 2024, a ransomware attack in Columbus, Ohio, compromised the personal data of 500,000 individuals. The Rhysida gang claimed to have stolen sensitive information and subsequently leaked 45% on the dark web. The City is offering credit monitoring services and advising impacted individuals to monitor for suspicious activity.
### Meeting Takeaways: Columbus Cyberattack Incident
1. **Cyberattack Overview**:
– In July 2024, the City of Columbus, Ohio, experienced a ransomware attack affecting over 500,000 individuals’ personal and financial information.
– The attack occurred on July 18, resulting in outages across various public service and IT systems.
2. **Response and Investigations**:
– City officials stated no systems were encrypted during the attack and are conducting further investigations.
– The Rhysida ransomware gang claimed responsibility, alleging they stole 6.5 TB of data, including sensitive information.
3. **Data Leakage**:
– After failing to extort the City, Rhysida publicly leaked 45% of the stolen data (3.1 TB), consisting of 260,000 documents.
– Columbus Mayor Andrew Ginther reassured the public that the leaked data was either “encrypted or corrupted,” a claim contested by independent researcher David Leroy Ross (Connor Goodwolf), who provided evidence that the data was unencrypted and contained sensitive information.
4. **Legal Actions**:
– The City filed a lawsuit against Goodwolf, seeking $25,000 in damages and a restraining order to prevent further dissemination of the leaked data.
– A judge issued a temporary restraining order against Goodwolf regarding the downloaded and shared data.
5. **Breach Notifications**:
– Despite prior statements about data usability, the City sent notifications to 500,000 individuals in early October, acknowledging the theft and publication of personal information including names, addresses, bank account details, and Social Security numbers.
– No evidence has been found regarding misuse of the stolen data to date.
6. **Mitigation Measures**:
– Individuals affected by the breach are advised to monitor their credit and financial accounts for suspicious activity.
– The City is offering 24 months of free Experian IdentityWorks credit monitoring and identity restoration services to impacted individuals.