Rhysida group claims ransomware attack on the City of Columbus
The infamous Rhysida ransomware group has claimed responsibility for a cyber attack on the City of Columbus and has demanded a ransom of approximately £1.49 million in Bitcoin.
Last week, Columbus Mayor Andrew J. Ginther said in a post of X, formerly Twitter, that the City became a victim of a cyber attack on July 18 and its IT team was working diligently to recover the affected systems.
As a part of the recovery process, the team had to take several systems offline, but emergency services such as 911, citizen hotline 311 and employee payroll systems remained operational.
In a public notice published on its website, the City said that its investigation has identified a “foreign cyber threat actor attempting to disrupt the city’s IT infrastructure, in a possible effort to deploy ransomware and solicit a ransom payment from the city.”
While the City claimed to have disrupted the ransomware attack, it said it is in the process of identifying the “amount of city data potentially accessed.”
Recently, the Rhysida ransomware group claimed responsibility for the ransomware attack and listed the City as a victim on its data leak site. The hacker group said it is in possession of 6.5 terabytes of data containing database, internal logins and password, a full dump of servers with emergency services applications of the city and access from city cameras.
🚨 #CyberAttack 🚨
— HackManac (@H4ckManac) July 31, 2024
🇺🇸 #USA, City of Columbus, Ohio
Rhysida ransomware gorup took responsability for the attack to City of Columbus happened on July 18.
The hackers allegedly exfiltrated 6.5 Tb of data containing database, internal logins and password, a full dump of servers… pic.twitter.com/lEr5IXjxxs
The group has demanded a ransom of 30BTC, or approximately £1.49 million, from the City and has threatened to leak the stolen data if the ransom is not paid.
In a statement shared with the media, Mayor Ginther added that the City’s Department of Technology, the FBI and Homeland Security have provided exceptional support to the City to recover from the data security incident.
“We continue to focus on restoring city services. We appreciate the grace our residents have offered us and the dedication of our employees working to keep our city running. We will support a thorough investigation and help to educate other cities on how they can avoid falling victim to similar attacks,” Ginther added.
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543