COLUMBUS, Ohio - In a recent press briefing, Mayor Andrew Ginther publicly addressed the cybersecurity attack that has plagued the city of Columbus since July. The attack was initially discovered on July 18, when the city's technology department detected abnormalities within its system. Immediate action was taken to sever the internet connection and reduce the potential threat to the city's infrastructure.

Initially, investigators believed that the cyber incident was initiated via an email link. However, further investigation revealed that the threat actor gained unauthorized access to the city's system through a downloaded website. Mayor Ginther confirmed during the briefing that "personally identifiable information" had been leaked onto the dark web. This includes data from the city prosecutor's office, such as details on criminals, victims of crime, and witnesses.

Additionally, Mayor Ginther admitted that more personal information may have been accessed and could potentially be published on the dark web. Experts have stated that anyone who visited City Hall and swiped their driver's license in the past ten years, as well as individuals who have interacted with the Columbus City Attorney's Office, may be affected by this data breach. This includes victims, suspects, and individuals who have been subpoenaed by the court or law enforcement.

Previously, Mayor Ginther had acknowledged reports of city and personal data being leaked on the dark web, claiming that the files were corrupted or encrypted, making them "totally unusable." However, he now admits that this information was inaccurate and takes responsibility for sharing it during interviews.

The mayor emphasizes that the cyberattack is a complex situation and that the investigation is ongoing. He promises to be transparent and honest with the public about the findings. "My number one job is to do everything I can to protect the residents of Columbus," Mayor Ginther stated.

In response to the incident, the city announced on August 2 that it will be providing credit monitoring services to its employees as a precautionary measure. This service has now been expanded to include all citizens impacted by the cyberattack.

As the repercussions of the ransomware attack continue to unfold, two Columbus-based law firms, Cooper Elliott and Meyer Wilson, have filed an amended complaint expanding their class action lawsuit against the city. The initial suit represented city employees affected by the data breach, but now includes any resident impacted by the cyberattack. The lawsuit alleges that the city failed to safeguard sensitive data following the attack.

Efforts to contain and mitigate the effects of the cyberattack are ongoing, and the city of Columbus remains steadfast in its commitment to diligently investigate the incident and protect its residents' personal information.