The Metropolis of Columbus, Ohio, has filed a lawsuit towards safety researcher David Leroy Ross, aka Connor Goodwolf, accusing him of illegally downloading and disseminating information stolen from the Metropolis’s IT community and leaked by the Rhysida ransomware gang.
Columbus, the capital and most populous (2,140,000) metropolis in Ohio, suffered a ransomware assault on July 18, 2024, which triggered numerous service outages and unavailability of electronic mail and IT connectivity between public companies.
On the finish of July, the Metropolis’s administration introduced that no programs had been encrypted, however they have been wanting into the chance that delicate information may need been stolen within the assault.
On the identical day, Rhysida ransomware claimed duty for the assault, alleging they stole 6.5 TB of databases, together with worker credentials, server dumps, metropolis video digicam feeds, and different delicate data.
On August 8, after failing to extort the Metropolis, the menace actors revealed 45% of stolen information comprising 260,000 recordsdata (3.1 TB), exposing a lot of what they beforehand claimed to be holding.
Based on the Metropolis’s grievance, the uncovered dataset contains two backup databases containing giant quantities of information gathered by the native prosecutors and police drive, relationship again to not less than 2015, containing, amongst different issues, the private data of undercover officers.
On the day of the information leak on Rhysida’s extortion portal on the darkish internet, Columbus Mayor Andrew Ginther said on native media that the disclosed data was neither precious nor usable and that the assault had been efficiently thwarted.
A couple of hours later, Goodwolf disputed the Mayor’s declare that no delicate or precious information was uncovered by sharing data with the media about what the leaked dataset included.
In response to this, on August 12, Mayor Ginther claimed that the uncovered information was “encrypted or corrupted,” so the leak is unusable and ought to be of no concern to the general public.
Nonetheless, Goodwolf disputed these claims, sharing samples of the information with the media as an example that it contained unencrypted private information of individuals in Columbus.
“Among the many particulars laid naked have been names from home violence instances, and Social Safety numbers for cops and crime victims alike. The dump not solely impacts metropolis staff, but additionally revealed private data for residents and guests going again years,” reported NBC4.
Silencing the researcher
The lawsuit submitted by Columbus alleges that Goodwolf’s conduct of spreading stolen information was each negligent and unlawful, leading to nice concern in the neighborhood.
Furthermore, the Metropolis alleges that the leaked information is not accessible to anyone, as Goodwolf said, because it was revealed on a platform of restricted entry, requiring information to find.
“Defendant’s actions of downloading from the darkish internet and spreading this stolen, delicate data at an area stage has resulted in widespread concern all through the Central Ohio area,” reads the grievance.
“Solely people prepared to navigate and work together with the legal component on the darkish internet, who even have the pc experience and instruments essential to obtain information from the darkish internet, would find a way to take action.”
The grievance notes that Goodwolf’s sharing of regulation enforcement information and the alleged plans to create a web site for folks to see if their information was uncovered interferes with police investigations.
The Metropolis seeks a short lived restraining order, preliminary injunction, and everlasting injunction towards Goodwolf to forestall additional dissemination of stolen information. Moreover, the Metropolis is looking for damages exceeding $25,000.
In a press convention concerning the lawsuit, proven under, Metropolis Legal professional Zach Klein says that the lawsuit just isn’t about suppressing free speech, as Goodwolf can nonetheless speak concerning the leak, however is geared toward stopping him from downloading and disseminating the stolen data.