City of Columbus

In July 2024, the City of Columbus, Ohio, faced a ransomware attack that initially aimed to disrupt its IT infrastructure. Although the attack was thwarted with no systems encrypted, the Rhysida ransomware gang claimed to have stolen 6.5 TB of data, impacting personal and financial information of 500,000 individuals. This included employee credentials, emergency services data, and access to city cameras. The attack resulted in 3.1 TB of data being leaked on the dark web. The city offered credit and dark web monitoring services to affected individuals, and while there has been no reported misuse of the data for identity theft or fraud, the incident raises significant concerns about cybersecurity and data protection.

Source: https://securityaffairs.com/170568/data-breach/city-of-columbus-ransomware-attack-impacted-500000-people.html

TPRM report: https://scoringcyber.rankiteo.com/company/city-of-columbus

"id": "cit000110524",
"linkid": "city-of-columbus",
"type": "Ransomware",
"date": "11/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 500000,
                        'industry': 'Public Administration',
                        'location': 'Columbus, Ohio',
                        'name': 'City of Columbus, Ohio',
                        'type': 'Government'}],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 500000,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['employee credentials',
                                              'emergency services data',
                                              'access to city cameras']},
 'date_detected': '2024-07',
 'description': 'In July 2024, the City of Columbus, Ohio, faced a ransomware '
                'attack that initially aimed to disrupt its IT infrastructure. '
                'Although the attack was thwarted with no systems encrypted, '
                'the Rhysida ransomware gang claimed to have stolen 6.5 TB of '
                'data, impacting personal and financial information of 500,000 '
                'individuals. This included employee credentials, emergency '
                'services data, and access to city cameras. The attack '
                'resulted in 3.1 TB of data being leaked on the dark web. The '
                'city offered credit and dark web monitoring services to '
                'affected individuals, and while there has been no reported '
                'misuse of the data for identity theft or fraud, the incident '
                'raises significant concerns about cybersecurity and data '
                'protection.',
 'impact': {'data_compromised': ['employee credentials',
                                 'emergency services data',
                                 'access to city cameras'],
            'identity_theft_risk': ['personal and financial information of '
                                    '500,000 individuals']},
 'initial_access_broker': {'data_sold_on_dark_web': True},
 'motivation': 'Data theft and disruption',
 'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'Rhysida'},
 'response': {'third_party_assistance': ['credit and dark web monitoring '
                                         'services']},
 'threat_actor': 'Rhysida ransomware gang',
 'title': 'Ransomware Attack on City of Columbus, Ohio',
 'type': 'Ransomware'}