Cyber Security

Columbus Ransomware Attack Bigger Than Claimed, IT Researcher Warns; City Sues Him

16 September 2024

|

Paikan Begzad

Summary

This summer, Columbus, Ohio, fell victim to a major ransomware attack tied to a group known as Rhysida, suspected to be linked to Russia or neighboring countries. The breach, which affected critical city systems, was more extensive than initially disclosed by officials. Local IT researcher and cybersecurity consultant Connor Goodwolf (legal name David Leroy Ross) uncovered over 3 terabytes of compromised data, including sensitive information on domestic violence victims, police records, and social security details, dating back to 1999.

Goodwolf’s discovery contradicted statements made by Mayor Andrew Ginther, who had downplayed the severity of the breach by claiming the hacked data was encrypted or corrupted. Goodwolf tried to alert city officials but was met with silence, leading him to share his findings with local media. In response, Columbus sued Goodwolf, issuing a restraining order that prevents him from releasing further details about the breach.

While the city claims the lawsuit is meant to safeguard confidential information, cybersecurity experts are raising concerns that this legal action may discourage future transparency regarding cyber threats. The lawsuit has sparked a debate on whether Columbus's response was appropriate and how it might impact cybersecurity research going forward.

Despite the legal challenge, the city has offered residents affected by the breach two years of free credit monitoring and is working with Legal Aid to assist domestic violence victims. Although the city has not paid the $2 million ransom demanded by hackers, the breach is a sobering reminder of the growing prevalence and severity of ransomware attacks across the U.S.

Goodwolf’s case has raised important questions about the role of cybersecurity researchers in data breaches. Experts fear that Columbus's approach could have a chilling effect on the disclosure of future cyber threats, potentially leaving other municipalities vulnerable.