Investigators say the attackers gained access through a website download, and the city is working to identify individuals whose personal information may have been compromised.
COLUMBUS, Ohio — Columbus Mayor Andrew Ginther’s office announced that foreign cyber threat actors attempted to disrupt the city’s IT infrastructure and deploy ransomware to demand a ransom payment from the city.
Ginther’s office said the city’s technology department found evidence of a system anomaly on July 18. Once the threat was identified, the department cut off internet connections to mitigate the threat to city systems.
Ginther said 911 and 311 were functioning but were also affected by the unusual event. City employees were unable to send or receive external email. The city said as of Monday that external email was working.
“The best way to explain what happened to the residents of Columbus is that there were burglars in our house who tried to lock us out of the house and we stopped them,” Ginther said.
The FBI and Department of Homeland Security have been called in to help investigate the situation.
Investigators initially believed the cybersecurity incident originated from an email link, but later discovered that the attackers gained access to the city’s systems through a website download.
“The City of Columbus was the victim of a crime perpetrated by a proven, sophisticated threat actor operating overseas. I am grateful to the Technology Office, the FBI and the Department of Homeland Security for their swift and bold action to protect our IT systems, residents and employees,” Ginther said. “We remain focused on restoring City services. We appreciate the generosity of our residents and the dedication of our employees who work hard to keep our City running. We will support a thorough investigation and educate other cities on how to avoid becoming victims of a similar attack.”
The mayor said he is identifying individuals whose personal information may have been compromised and will provide guidance in the coming weeks.
Ginther said efforts continue cautiously to fully restore service to Columbus residents, with the technology department working on a methodical process to ensure the system is hardened against further intrusions before bringing it back online.
“This case is not over yet,” Ginther said. “I want to emphasize that to you and to the public. We have to be very careful about protecting our employees, protecting the public and protecting their data. I wanted to share this information with all of you.”
Local News: Recent Coverage ⬇️
