Columbus Mayor Andrew J. Ginther said at a press conference Saturday that city residents should expect more bad news in the coming days and weeks about the ransomware attack that dumped a ton of data and personal information about city employees and citizens onto the dark web.
The press conference marked the first time the mayor publicly acknowledged that civilian data was included in the massive data breach that potentially put 500,000 Columbus residents at risk and their finances at risk.
Ginther said Saturday that he has yet to see a single written report from the IT experts investigating the incident.
The mayor also did not say who was conducting the technical assessments, which have repeatedly been found to be false or at least underestimates of the damage, and could not explain why it took four days for him to first acknowledge that something unusual had happened, beyond saying the scale of the incident was under investigation.
The press conference came days after local cybersecurity experts made statements contradicting a number of assurances previously given by Ginther about the nature of the data stolen by a group known for attacking local governments and institutions that lack proper IT security.
The violations have already led to a lawsuit, and the city announced Friday that Gov. Mike DeWine had deployed the Ohio National Guard to help Columbus address the disorder, a request Ginther said he made in late July.
“You know, we have a team of people that have been working with us since the beginning,” he said. “At the end of the day, I’m the mayor. The responsibility is on me.”
“That was the best information we had at the time. Obviously, we have discovered that it was inaccurate information and I must take responsibility for that.”
Asked whether the information he received was in the form of a written report that could be shared with the press, Ginther said he had not received any written report so far about a problem that involves multiple systems, hundreds of thousands of victims and potentially millions of dollars in taxpayer costs.
Ginther said the city is still trying to determine why IT investigators underestimated the extent of the damage and the information that was leaked.
When asked what he would say to people who think he wasn’t telling the truth about the situation, Governor Ginther responded, “I take full responsibility for sharing the best information I had at the time, which we have since learned was inaccurate,” according to a source cited by news outlets and citizen cybersleuths. Governor Ginther said the expansion of credit monitoring demonstrates his commitment to protecting residents.
The mayor also initially told television reporters in an interview Friday that he wasn’t prepared to expand credit monitoring of city employees to members of the public whose accounts may have been compromised by foreign cybercriminals, but then just hours later he could not provide details about why he would announce just such a program. The program, he said Saturday, would cost millions of dollars in taxpayer money.
Columbus’ credit watch over cyberattacks could cost taxpayers millions
Mayor Ginther announced Friday afternoon that the city would offer free credit monitoring services to all residents after personal information was stolen and exposed on the dark web in a ransomware cyber attack last month.
But he hinted that more bad news was imminent and that the “investigation” would likely continue for several more months. Ginther said the city was first focused on getting its systems back up and running. The city has invested about $12 million in cybersecurity over the past five years, but “clearly we have to do more.”
Ginther said the city has not paid the ransom so far: The Rishida cybercrime group had demanded $1.66 million in Bitcoin to prevent the data from being published on the dark web.
more:What is the Dark Web? It’s not just hackers and drug deals, but there’s a lot of that
“Given what we know today, we believe there is more information out there on the dark web that could potentially be exposed,” Ginther said. While that has not been confirmed, the company has expanded credit checks to include citizens under the assumption that more personal information “will be exposed.”
“We encourage anyone who has any dealings with the city of Columbus, including the Municipal Court, to go to the website the mayor mentioned and sign up for credit monitoring services,” City Attorney Zach Klein said. This serves as the official notice by the city required by state law to inform individuals that their personal information may have been compromised.
“I’m not an IT expert, I’m the mayor,” Ginther said at a news conference on the City Hall grounds, “and my first job is to do everything in my power to protect the hardworking Columbus families who were affected by this attack.”
Mayor Ginther announced just Tuesday that the data stolen in the scam had been encrypted and would be useless to cybercriminals, but citizen cybertroll investigators have dug through the evidence and found that the information ranges from scanned photo IDs of everyone who’s attended city council meetings in the past decade to juvenile court protective orders and even bank account information.
Cybercriminals have “access to more information”
As of Saturday, Ginther was not yet able to disclose how many city computer systems were affected or the scope of the type of data stolen. “We’ve already restored a number of systems,” he said, adding that the city was working around the clock to restore the remaining systems and would not put additional data at risk “by rushing to restore systems.”
He confirmed that the city was aware that the city attorney’s database had been hacked and information stolen, “including information on individuals involved in the justice system, including defendants, victims and witnesses.”
“I want to acknowledge how concerned I am,” he said. “At this point, unfortunately, we will likely find that these criminals have accessed and exposed even more personal information.”
And Mayor Ginther, who, like other elected officials on the all-Democrat City Council ostensibly tasked with oversight of the mayor, has avoided questions about the attack for weeks, said he would “continue to share as much verifiable information as we know it as this investigation continues to progress.”
Ginther said the new credit monitoring program, now available to all residents and anyone whose data may have been compromised, comes with $1 million in insurance against cyber fraud.
Klein said his office understands that purchasing the city’s insurance doesn’t mean residents give up their right to sue for damages, which runs through the end of November.
inquiry
@ReporterBush
