City of Columbus Sues Researcher After Ransomware Attack

After the city of Columbus, Ohio, experienced a ransomware attack in July and disclosed the event, it sued a researcher who claims the breach was bigger than the city let on.

Ohio's largest city first fell victim to an attack July 18 and quickly informed the public, claiming that it had stopped the attack before malware had infected its systems.

But in early August, the Rhysida ransomware gang leaked 3.1TB of data on its Tor-based site, information it claimed to have stolen from Columbus' systems. A few days later, Mayor Andrew Ginther acknowledged that the ransomware attackers had stolen data that was encrypted and corrupted.

A few days after this and roughly two months after the breach, the city announced free credit monitoring services to anyone who shared personal information with the city after initially saying that only employees would receive the offering.

David Leroy Ross, also known as Connor Goodwolf, quickly went to the media claiming the city wasn't telling the full truth and that the stolen data was intact and included names, Social Security numbers, and other private data, much of it dealing with police officers and crime victims.

The city has now accused Ross of colluding with the gang to obtain and said that though the information is publicly available, it's only truly accessible to those who "have the computer expertise and tools necessary to download data from the Dark Web."

It also claims that Ross' actions represent an invasion of privacy and is seeking a restraining order to prevent him from accessing the city's stolen data on the Dark Web. An Ohio judge granted a temporary restraining order that prevents the researcher from disseminating data from Rhysida's site but does not bar him from discussing the incident or the stolen data with the media.