"Mayor of Columbus, Ohio, Says Ransomware Attackers Stole Corrupted, Unusable Data"
Columbus Mayor Andrew Ginther recently announced that hackers recently stole data from Ohio’s largest city, but what they got was not usable and no personal information about city workers was made available online. The mayor noted that the city never received a ransom request. The city learned that most of the data published to the dark web by the ransomware group Rhysida was corrupted or encrypted. The ransomware group claimed to have 6.5 terabytes of stolen data, including log-in information, emergency service files, and city camera access. Ginther said the city’s forensics indicated the group had far less data than that and that its screenshots posted to the dark web were “the most compelling asset” it had. After the breach, city workers, including police and fire, had said their personal information had been compromised. Ginther said that while employees’ personal information was not uploaded to the dark web, someone temporarily accessed it during the attack. The city’s payroll system was accessed long enough to view files, but there is no evidence files were downloaded or posted to the dark web. There also is no evidence that data belonging to the general public was exposed.