Skip to main content
close search
site logo
Dive Brief

Columbus, Ohio confirms July ransomware attack compromised data of 500K people

The city notified half a million people their personal information was at risk following the attack it attributed to a foreign threat actor.

Published Nov. 6, 2024
David Jones's headshot
Reporter
A daytime shot of Columbus, Ohio, with a bridge, river and green space in the foreground. Tall buildings dot the background.
Officials in Columbus, Ohio, notified 500,000 people their personal data may have been impacted by a ransomware attack. Sean Reid via Getty Images

Dive Brief:

  • Columbus, Ohio officials notified half a million people that a July cyber intrusion was the work of a foreign threat group that attempted to extort the city in a ransomware attack, according to a notification filed with the Maine Attorney General
  • The threat group gained access to the city’s IT environment and posted evidence of the attack on the dark web, according to the letter. The city warned that personal information of those affected was at risk.
  • Rhysida ransomware previously claimed credit for the attack, posting evidence it said showed it stole 6.5 terabytes of data. The threat group was linked to the ransomware attack against the Port of Seattle.

Dive Insight:

The confirmed ransomware attack against the city of Columbus highlights a growing threat risk at the state and local government level, where small cities, counties, schools and utilities are at a growing risk of attack. 

Both the city of Columbus and Cleveland were targeted in attacks earlier this year. In response, Ohio state officials came forward with financial resources and other assistance. 

Coley Anderson, VP of Moody’s Ratings, told Cybersecurity Dive that the ability to get state-funded resources is a credit positive. 

“However, the two aforementioned attacks also exemplify that it’s a matter of when, not if, a municipality is the target of a cyberattack,” Anderson said via email. “While it is true that cyber risk awareness is growing amongst municipalities, they still lag the private sector when it comes to prevention, planning, and response.”

Suffolk County, New York, released a report in September illustrating how a ransomware attack was due to a lack of planning and ignored warnings.

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell