Rhysida posted on the dark web, alleging they possess passwords, internal logins, servers, and emergency server applications
An international ransomware organisation has announced its intention to auction off thousands of files, allegedly stolen from the city of Columbus. The cyberattack has raised concerns about the security of the city’s data and the potential risks of sensitive information being made public.
Trent Milliron, CEO of Kloud9 IT, a cybersecurity company with offices in Columbus and Cleveland, described the situation as “a mob-style run enterprise.” The hacker group, identifying itself as Rhysida and based overseas, claims to have taken more than six terabytes of data from the city. They are demanding a ransom of 30 bitcoin—equivalent to nearly $2 million—to prevent the sale of this data.
Rhysida posted on the dark web, alleging they possess passwords, internal logins, servers, and emergency server applications. They also claim to provide buyers with full instructions for accessing databases.
Milliron reviewed screenshots of the data, which ABC 6 provided to him as evidence of the breach. “I could tell just by looking; there is a lot of data here,” he remarked. “There looks like a lot of video data from cameras and things like that.” His analysis suggests the hackers penetrated the system deeply, acquiring significant information.
Upon being alerted to the cyber hack, the city disconnected from the web, preventing a more extensive data theft. However, Milliron speculated that the hackers had been active within the network for an extended period, possibly months or years. “More than likely, when they got access to this network, they were probably in this network for months or even years,” he noted. “Oddly, when hackers get access to a system, they usually hang around before doing anything.”
The incident highlights the persistent threat posed by cybercriminals and underscores the importance of robust cybersecurity measures to protect sensitive data from being exploited.
