Data stolen in Columbus Ohio ransomware attack likely unusable mayor says StateScoop
p
By
Sophia FoxSowell
pp
August 13 2024
ppThe data stolen in a ransomware attack on Columbus Ohio last month which forced the city to shut down much of its technology operations is likely unusable Mayor Andrew Ginther said TuesdayppThe personal data that the threat actor published to the dark web was either encrypted or corrupted so the majority of the data came by the threat actor is unusable Ginther told reporters at a press conference Tuesday where he called the discovery a breakthrough in the citys forensic investigation of the recent cyberattackppThe international hacking group Rhysida claimed responsibility for the July attack on Aug 2 The group published screenshots as proof of 65 terabytes of stolen city data including login information and other critical city datappA city fact sheet shared with StateScoop shows that Rhysida tried to auction the stolen data on the dark web twice once on July 31 and again on Aug 8 Forensic experts involved in the investigation believe the auctions failed because the data was corrupted or encryptedppThe fact sheet also shows that the city never received a ransom demand from the threat actorppThe threat actor claimed to have 65 terabytes of data but our forensics indicate they had far less We believe that the screenshots of the data files are the most compelling asset that they had but that sensitive files were either encrypted or corrupted We believe this is why the data auction failed Ginther said TuesdayppThe Cybersecurity and Infrastructure Security Agency last November noted in a report that Rhysida predominately attacks the education health care manufacturing information technology and government sectorsppGinther added that due to the ongoing investigation the city still needs to be careful about the information it shares with the public so as to not antagonize the threat actorppWe engaged the FBI homeland security and cyber security experts from the outset of this investigation and experts advised us that we had to be cautious not to jeopardize our systems or data he saidp
By
Sophia FoxSowell
pp
August 13 2024
ppThe data stolen in a ransomware attack on Columbus Ohio last month which forced the city to shut down much of its technology operations is likely unusable Mayor Andrew Ginther said TuesdayppThe personal data that the threat actor published to the dark web was either encrypted or corrupted so the majority of the data came by the threat actor is unusable Ginther told reporters at a press conference Tuesday where he called the discovery a breakthrough in the citys forensic investigation of the recent cyberattackppThe international hacking group Rhysida claimed responsibility for the July attack on Aug 2 The group published screenshots as proof of 65 terabytes of stolen city data including login information and other critical city datappA city fact sheet shared with StateScoop shows that Rhysida tried to auction the stolen data on the dark web twice once on July 31 and again on Aug 8 Forensic experts involved in the investigation believe the auctions failed because the data was corrupted or encryptedppThe fact sheet also shows that the city never received a ransom demand from the threat actorppThe threat actor claimed to have 65 terabytes of data but our forensics indicate they had far less We believe that the screenshots of the data files are the most compelling asset that they had but that sensitive files were either encrypted or corrupted We believe this is why the data auction failed Ginther said TuesdayppThe Cybersecurity and Infrastructure Security Agency last November noted in a report that Rhysida predominately attacks the education health care manufacturing information technology and government sectorsppGinther added that due to the ongoing investigation the city still needs to be careful about the information it shares with the public so as to not antagonize the threat actorppWe engaged the FBI homeland security and cyber security experts from the outset of this investigation and experts advised us that we had to be cautious not to jeopardize our systems or data he saidp
