The city of Columbus, Ohio, announced on May 29, 2024, that a ransomware attack forced its systems offline. According to its notice, the attack was perpetrated by “an established, sophisticated threat actor operating overseas,” and that it was working with law enforcement to investigate the incident. The culprit behind the ransomware attack is reported to be Rhysida.
According to Security Week, the ransomware group posted the city’s data on the dark web, including individuals’ names, addresses, dates of birth, bank account information, driver’s license information, Social Security numbers, and other identifying information. Columbus reported to the Maine Attorney General that it is notifying 500,000 individuals that their personal information was affected by the incident, and is offering those who are affected 24 months of credit monitoring and dark web monitoring.