The City of Columbus, Ohio, recently notified 500,000 residents that their personal data may have been compromised in a ransomware attack that occurred in mid-July 2024. Originally, officials claimed that only corrupted data had been taken, but a security researcher has since revealed that the data was actually exfiltrated and posted on the dark web. This breach, which took place on July 18, forced the city to shut down critical systems and disrupt various municipal services in an attempt to contain the breach.
The Rhysida ransomware group has claimed responsibility for the attack. This cybercriminal organization, reportedly linked to Russian threat actors, initially demanded a ransom from Columbus, stating that they had stolen 6.5 TB of data. After failed negotiations with the city, Rhysida allegedly uploaded 3.1 TB of this data to their dark web leak site. This breach has now been labeled as one of the most significant public sector data breaches in recent times.
The compromised data includes a wide range of sensitive information, such as databases, password logs, cloud management files, employee payroll records, and even footage from city traffic cameras. This revelation sparked a legal battle between Columbus and security researcher David Leroy Ross, also known as “Connor Goodwolf.” Ross’s disclosure contradicted the city’s earlier claims about the nature of the stolen data and led to a lawsuit being filed against him in early August.
In response to the breach, Columbus has vowed to enhance its cybersecurity protocols to prevent similar incidents in the future. With a population of 915,000, the city informed the Maine Attorney General’s Office that approximately 55% of its residents could be affected by the breach. As a gesture of goodwill, Columbus is offering two years of free credit monitoring and identity protection services to impacted residents.
The city officials are now facing mounting pressure from the public to improve data protection measures and ensure transparent communication about the extent of the breach. It remains to be seen how Columbus will navigate the aftermath of this cyber attack and what steps they will take to prevent future breaches.自治
Overall, this ransomware attack on the City of Columbus serves as a stark reminder of the growing threat posed by cybercriminals and the critical importance of robust cybersecurity measures in safeguarding sensitive data. As cities and organizations continue to digitize their operations, the risk of cyber attacks only continues to rise, underscoring the need for proactive cybersecurity strategies and swift responses to incidents like these.