Columbus investigating potential data leak after ransomware attack

The federal government of Columbus, Ohio mentioned it’s conscious of claims made by a ransomware gang that troves of delicate metropolis data can be found on the market. 

The Rhysida ransomware group took credit score on Wednesday for the July 18 , threatening to leak 6.5 terabytes of exfiltrated data from the town’s programs allegedly containing emergency providers knowledge, entry to metropolis cameras and extra.

When contacted concerning the put up on Thursday, a metropolis spokesperson mentioned they’re conscious of the matter however couldn’t remark, including that the state of affairs is “each critical and ongoing.” The spokesperson mentioned they may not share additional particulars as a result of they’re supporting “an efficient investigation” and have to “shield our IT infrastructure and confidential data.”

When requested concerning the potential for metropolis worker knowledge to have been leaked, the spokesperson informed Recorded Future Information that these affected can be contacted and given extra steerage. She couldn’t present a timeline for when extra data can be launched.

The feedback come after the town printed an announcement on Monday claiming they’d “thwarted” the ransomware assault and had been capable of “considerably restrict potential publicity.”

“Whereas the menace actor’s exercise was disrupted, an investigation is ongoing to find out the quantity of metropolis knowledge doubtlessly accessed,” the assertion acknowledged. 

The hacker gained entry to the town’s programs “by way of an web web site obtain and never an e mail hyperlink, as was initially believed to have been the entry level,” metropolis investigators mentioned.

The FBI and the Division of Homeland Safety have been concerned within the response because the assault was found on July 18.  

Columbus mayor Andrew Ginther mentioned the town was “the sufferer of a criminal offense dedicated by a longtime, subtle menace actor working abroad.” 

“We proceed to concentrate on restoring metropolis providers,” he mentioned. “We admire the grace our residents have provided us and the dedication of our workers working to maintain our metropolis working.” 

The town’s division of expertise is working with federal authorities and consultants to undergo every expertise system earlier than they’re introduced again on-line. 

Authorities e mail entry has been restored after greater than per week of outages. 911 in addition to 311 have been capable of stay operational all through the restoration course of. 

Rhysida ransomware actors proceed a streak of ruthless assaults towards childrens’ hospitals, church buildings, libraries, governments and industry-leading firms. The gang most just lately provided on the market the Social Safety numbers and monetary account data of 1000’s of scholars attending New Jersey Metropolis College.

Rhysida is providing the alleged knowledge from the federal government of Columbus for 30 BTC — about $1.9 million — and set a ransom deadline of 1 week.

Be taught extra.