Mayor of Columbus, Ohio, says ransomware attackers stole corrupted, unusable data

COLUMBUS, Ohio (AP) — Hackers recently stole data from Ohio’s largest city, but what they got was not usable and no personal information about city workers was made available online, the mayor said.

Columbus Mayor Andrew Ginther confirmed the data breach and noted Tuesday that the city never received a ransom request. The city learned Friday that most of the data published to the dark web by the ransomware group Rhysida was corrupted or encrypted, he said.

The group initially claimed to have 6.5 terabytes of stolen data — including log-in information, emergency service files and city camera access — that it unsuccessfully put up for auction. But Ginther said the city’s forensics indicated the group had far less data than that, and that its screenshots posted to the dark web were “the most compelling asset” it had.

After the breach, city workers, including police and fire, had said their personal information had been compromised. Ginther, though, said that while employees’ personal information was not uploaded to the dark web, someone temporarily accessed it during the attack.

The city’s payroll system was accessed long enough to view files, but there is no evidence files were downloaded or posted to the dark web, city officials said. There also is no evidence that data belonging to the general public was exposed.

RELATED COVERAGE What we know about suspected Iranian cyber intrusion in the US presidential race Musk’s interview with Trump marred by technical glitches The UN is moving to fight cybercrime but privacy groups say human rights will be violated

The city is now focusing on increasing digital security and technology training to prevent another breach, Ginther said.

“I think when this is all said and done, we will have spent several million dollars dealing with the attack,” Ginther said.

Other major cities in Ohio have also dealt with cyberattacks. Cleveland’s city hall was closed to the public for several days in June following a ransomware attack that forced the city to shut down most of its systems, and Akron had to shut down some city functions after a digital attack in 2019.