The city of Columbus, Ohio’s capital, confirmed that hackers stole the personal data of 500,000 residents in a ransomware attack in July.
In a filing with the Maine Attorney General, Columbus confirmed that a “foreign cyber threat actor” had breached its network to access information including residents’ names, dates of birth, addresses, identification cards, Social Security numbers and bank account details. .
Ohio’s most populous city, with about 900,000 residents, said about 500,000 people were affected, but the exact number of victims was not confirmed.
The regulatory filing comes after Columbus was the target of a ransomware attack on July 18 of this year, which the city claimed it “stymied” by disconnecting its network from the Internet.
Rhysida, the ransomware group responsible for last year’s cyberattack on the British Library, claimed responsibility for the Columbus attack in August. At the time, the gang said it had “stole 6.5 terabytes of data from the city of Ohio, including databases, employees’ internal logins and passwords, a full dump of servers containing the city’s emergency services applications, and access to city video cameras.” ” according to a local news report.
Rishida demanded 30 bitcoins (about $1.9 million) in return for data stolen during the cyberattack.
Two weeks after the cyberattack, Columbus Mayor Andrew Ginter told the public that the stolen data was likely “compromised” and “unusable.”
The accuracy of Ginter’s statement was called into question the day after cybersecurity researcher David Leroy Ross, also known as Connor Goodwolf, revealed that the personal information of hundreds of thousands of Columbus residents was on the dark web.
In September, Columbus sued Ross, alleging that he “threatened to share the City’s stolen data with third parties who had no easy means of obtaining the City’s stolen data.” A judge granted Ross a temporary restraining order, preventing him from accessing the stolen data.
In a list of leak sites seen by TechCrunch on Monday, Rhysida claimed to have uploaded 3.1 terabytes of “unsold” data stolen from Columbus, amounting to more than 250,000 files.
