More than 470,000 individuals across Ohio's City of Columbus and even outside the state were disclosed by cybersecurity expert Connor Goodwolf to have had their personal and sensitive data exposed as a result of a Rhysida ransomware attack against the city in July just hours after the leaked data was downplayed by Columbus Mayor Andrew Ginther to be encrypted and unusable, The Columbus Dispatch reports.
While only city employees were reported by officials to have been affected by the incident, Goodwolf noted that information exfiltrated and exposed by Rhysida included those of city hall visitors, sexual assault and domestic violence victims, and youths who were crime suspects or victims, as well as names belonging to police officers who have been subpoenaed. Also identified in the data dump were records from the office of City Attorney Zach Klein. "This data could be used for a lot of unlawful purposes. I can create a CashApp account, open a utility account, or even shut off someone's utilities," said Goodwolf.