Columbus cyberattack: Hacking group demands $2 million ransom

In July, the Columbus Department of Technology detected an abnormality in its system, leading to the suspension of internet connections to mitigate potential threats. Following this, two police officers reported unauthorized access to their bank accounts, prompting a lawsuit against the city. A hacking group later claimed responsibility for the cyberattack, demanding a ransom of nearly $2 million for the stolen data. Initially, it was believed that only police officers were affected, but a cybersecurity expert revealed that anyone who had interacted with city services over the past decade could be at risk. The leaked data included personally identifiable information from various individuals, including victims, suspects, and witnesses associated with the Columbus City Attorney’s Prosecuting Office. Mayor Andrew Ginther confirmed that sensitive information had been compromised and offered credit monitoring services to affected employees and residents. This was a significant step in addressing the fallout from the breach. As investigations continued, it was discovered that a second city database had also been hacked, containing thousands of incident reports from the Columbus Division of Fire and records from visitors to city buildings since 2006. This raised further concerns about the extent of the breach and the security measures in place to protect sensitive information. In response to the incident, plaintiffs in a second lawsuit are demanding transparency regarding the nature of the compromised data and are urging the city to implement stronger security practices to prevent future breaches. The situation highlights the vulnerabilities in municipal cybersecurity and the need for improved safeguards to protect citizens' information.