[ad_1]
The city of Columbus, Ohio’s capital, confirmed that hackers stole the personal data of about 500,000 residents during a ransomware attack in July.
In a Deposit Columbus confirmed, with the Maine Attorney General, that a “foreign cyber threat actor” compromised its network to access information including residents’ names, dates of birth, addresses, identification documents, Social Security numbers and bank account details.
The city, which is the most populous in Ohio with a population of about 900,000 people, says about half a million people have been affected, although it has not confirmed the exact number of victims.
The regulatory filing comes after Columbus was the target of a ransomware attack on July 18 of this year, which the city carried out. He claimed To be “thwarted” by disconnecting its network from the Internet.
Rhysida, the ransomware gang responsible for the cyberattack on the British Library last year, claimed responsibility for the attack on Columbus in August. At the time, the gang said it stole 6.5 terabytes of data from the city in Ohio, including “databases, internal logins and passwords for employees, an entire inventory of servers with city emergency services applications and… access from city video cameras.” “According to Local news reports.
Rhysida demanded 30 bitcoins, about $1.9 million at the time of the cyberattack, as payment for the stolen data.
Two weeks after the cyberattack, Columbus Mayor Andrew Ginther told the public that the stolen data was likely “corrupted” and “unusable.”
The accuracy of Ginther’s statement came into question the next day after David Leroy Ross, a cybersecurity researcher also known as Connor Goodwolf, revealed that the personal information of hundreds of thousands of Columbus residents had been listed on the dark web.
In September, Columbus filed a lawsuit against Ross, alleging that he was “threatening to share stolen city data with third parties who would have no available means of obtaining the stolen city data.” The judge issued a temporary restraining order against Ross, preventing him from accessing the stolen data.
In a list on its leak site, seen by TechCrunch on Monday, Rhysida claims to have uploaded 3.1 terabytes of “unsold” data stolen from Columbus, which amounts to more than 250,000 files.
[ad_2]