In Columbus, Ohio, hackers recently carried out a data breach targeting the city, as confirmed by Mayor Andrew Ginther. Fortunately, the stolen data was found to be unusable, and there was no exposure of personal information of city employees online. Despite the breach, no ransom request was received by the city. The incident came to light last Friday when it was discovered that the data made available on the dark web by the ransomware group Rhysida was either corrupted or encrypted.
Initially, the group claimed to have 6.5 terabytes of data, which included login credentials, emergency service records, and access to city cameras. However, a forensic investigation revealed that the actual volume of data stolen was significantly less, with the screenshots posted on the dark web being the most valuable asset the group possessed.
Following the breach, concerns were raised by city workers, particularly from the police and fire departments, about their personal information being compromised. Mayor Ginther clarified that while employee personal data was not uploaded to the dark web, there was a temporary unauthorized access during the attack. The city’s payroll system was breached, allowing access to files, although there is no evidence to suggest that any files were downloaded or shared on the dark web. Additionally, there is no indication that data pertaining to the general public was exposed.
Mayor Ginther emphasized the city’s commitment to enhancing digital security measures and providing technology training to prevent future breaches. He estimated that the costs associated with addressing the attack could amount to several million dollars upon completion. Notably, other major cities in Ohio have also faced cyberattacks in the past. Cleveland’s city hall was temporarily closed in June due to a ransomware attack, leading to the shutdown of most city systems. Similarly, Akron experienced disruptions to city functions following a digital attack in 2019.