City of Columbus, Ohio Faces Data Auction Threat from Rhysida Ransomware Group

The City of Columbus, Ohio, is currently facing a major cybersecurity crisis as more than 6 terabytes of sensitive data, allegedly belonging to the city, is being auctioned off by the Rhysida ransomware group. The gang reportedly stole this data during a cyberattack that took place in July.

Despite the attack, critical services such as 911 and 311 remained operational, thanks to the quick response of the city’s Department of Technology. However, the attackers managed to exfiltrate a massive amount of data from the city’s government systems.

The Rhysida group, known for its double-extortion tactics, posted about the stolen data on their dark leak site, offering it up for auction for a price of 30 bitcoins, equivalent to approximately $1.9 million. The gang also provided samples of the stolen data as proof of their claim.

Mayor Andrew J. Ginther emphasized the importance of restoring city services and ensuring the safety of residents’ information. The city has enlisted the help of the FBI and Homeland Security in the recovery process and plans to notify affected residents.

Rhysida, a relatively new ransomware group, has targeted various sectors, including government, healthcare, and education. Their modus operandi involves selling hacking tools to other groups and practicing double extortion tactics.

As the investigation into the attack continues, the City of Columbus is focused on recovering from this cyber incident and preventing similar attacks in the future. The incident serves as a stark reminder of the growing threat posed by ransomware groups like Rhysida.