Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

November 4, 2024 at 12:04PM

The City of Columbus, Ohio, reported that 500,000 residents’ personal data may have been accessed in a ransomware attack by Rhysida. The breach involved sensitive information, including names, addresses, and social security numbers. Columbus offered two years of credit monitoring to affected residents and faces scrutiny over its response.

### Meeting Notes Takeaways

#### Ransomware Attack Overview
– The City of Columbus, Ohio, reported that data from **500,000 individuals** was accessed and potentially stolen during a ransomware attack by the group Rhysida.
– Approximately **3 TB** of stolen files were dumped on Rhysida’s blog after the city did not pay the ransom.

#### Data Disclosure
– Columbus confirmed the scale of the attack through a filing with Maine’s attorney general.
– A letter sent to affected individuals on or around **October 7** did not provide specific victim counts or detailed descriptions of the data breach.

#### Types of Exposed Data
Personal information likely accessed includes:
– First and last names
– Dates of birth
– Home addresses
– Bank account information
– Driver’s licenses
– Social Security Numbers
– Other identifying information

#### Sensitive Data Concern
– Significant data sources included databases belonging to the city’s prosecutor, which raised concerns over the exposure of information regarding:
– Domestic violence victims
– Sensitive data of police officers, crime victims (including minors), and various crime-related reports

#### Legal and Administrative Response
– Columbus filed a civil complaint against security researcher Connor Goodwolf for allegedly threatening to disseminate the stolen data.
– Mayor Andrew Ginther faced criticism for initially stating no data was compromised and subsequently revealing sensitive data had been leaked.

#### Current Situations and Actions Taken
– Ongoing investigations are needed to fully determine the breach’s nature and scope.
– City staff reported unauthorized bank account access post-attack, though an official link to the ransomware has not been confirmed.
– Columbus is offering **24 months of free Experian credit monitoring** to all residents, a broader outreach than typical practices, indicating a heightened concern for community safety.

#### Official Statements
– Mayor Ginther expressed anger and concern over the attack, emphasizing a commitment to protecting residents from potential fraud or identity theft.

Full Article