COLUMBUS, Ohio (WCMH) — City employees are sharing frustration, confusion and fear Wednesday evening, as questions about the ransomware attack against the City of Columbus almost three weeks ago go unanswered.
The Rhysida ransomware group claimed responsibility for the hack on Columbus’ systems, and while the mayor said IT staff were able to stop them from encrypting and locking employees out, he admitted that the hackers accessed and may have taken personal data . Rhysida’s onion site on the dark web advertises it stole 6.5 terabytes, including passwords and copies of the city’s servers and databases.
Multiple cybersecurity experts confirmed for NBC4 that Rhysida is holding an auction asking for 30 bitcoin — or $1.7 million — that ends at 5:35 a.m. Thursday. The contents of the data are something the city said it won’t reveal, to protect the integrity of an investigation involving the FBI and the U.S. Department of Homeland Security.
After at least a dozen Columbus officers reported their bank accounts were tampered with, the city announced free credit monitoring services for its employees. Officials noted they should be receiving enrollment instructions in the mail on Wednesday, hours after the auction was originally supposed to end . The enrollment instructions also may arrive only hours before Rhysida’s extended deadline, but the local chapter of the Fraternal Order of Police said its members hadn’t seen anything arrive yet.