CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

City of Columbus Ransomware Attack Impacts 500,000 People

The City of Columbus says the personal information of 500,000 people was stolen in a ransomware attack.

The City of Columbus, Ohio, is notifying 500,000 individuals that their personal information was stolen in a July 2024 ransomware attack.

The incident occurred on July 18 and resulted in the city taking systems offline as a containment measure, which impacted multiple services.

In late July, the city announced that the attack was stopped before file-encrypting ransomware could be deployed on its systems.

In early August, the city sued security researcher David Leroy Ross, also known as Connor Goodwolf, for telling the local media that the personal information of residents was stolen during the attack. The city’s officials previously said that only corrupted, unusable data had been exfiltrated.

Ross discovered that the Rhysida ransomware gang had leaked on its Tor-based website 3.1 terabytes of information supposedly exfiltrated from Columbus’ systems. The group claimed the theft of 6.5 terabytes of data and leaked the information after failing to extort the city and to auction the data.

In its notification letter to the impacted individuals, a copy of which was submitted to the Maine Attorney General’s Office, the city has confirmed that the perpetrators posted on the dark web an abundance of allegedly stolen data.

The potentially compromised information, Columbus says, includes names, addresses, dates of birth, bank account information, driver’s license information, Social Security numbers, and other identifying information.

Columbus notes that it is not aware of any misuse of the compromised personal information for identity theft or fraud, but is providing the potentially impacted individuals with 24 months of free credit monitoring services, which include identity restoration assistance.

Advertisement. Scroll to continue reading.

The City of Columbus told the Maine AGO that 500,000 people might have been affected. The capital of Ohio and the most populous city in the state, Columbus is home to over 900,000 people.

Related: In Other News: FBI’s Ransomware Disruptions, Recall Delayed Again, CrowdStrike Responds to Bloomberg Article

Related: Four REvil Ransomware Group Members Sentenced to Prison in Russia

Related: Avast Releases Free Decryptor for Mallox Ransomware

Related: Fujifilm Restores Services Following Ransomware Attack

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.