close
close

Columbus police warn of fraud after ransomware attack

Columbus police warn of fraud after ransomware attack

play

The city of Columbus believes that city data was accessed through a “foreign cyberattack,” a deputy police chief told officials in a statement released Thursday morning.

The report comes after up to a dozen police officers expressed concern that personal banking and credit card information may have been compromised. It is not yet known whether these reports – which began Wednesday afternoon – are linked to the massive cyberattack on the city that has brought down a number of city computer systems.

“Because we do not yet fully know the details of the data that was accessed at this time, I strongly encourage you to change your passwords and codes on both your personal and work devices,” LaShanna Potts, first assistant chief of the Columbus Division of Police, informed officers in an email obtained by The Dispatch.

Mayor Andrew J. Ginther’s administration continued to provide no detailed information Thursday about the extent of the damage caused on July 18, when city computer technicians discovered a cyberattack and reportedly took steps to stop it.

Glenn McEntire, spokesman for the city’s Department of Public Safety, referred questions about the extent of possible disclosure of police officers’ personal information to the mayor’s office Thursday morning.

Ginther spokeswoman Melanie Crabill responded, “We are aware of this matter” involving police officers’ financial accounts and acknowledged “that this situation is both serious and ongoing,” but the city “may not be authorized to discuss the ongoing situation or investigation in order to support an effective investigation and protect our IT infrastructure and confidential information.”

“For this reason, we cannot comment further today.”

The Dispatch reported Thursday that despite Ginther’s statement Monday that his administration had thwarted the ransomware’s encryption attempts, Rhysida, an international ransomware group that has attacked targets in the U.K., U.S. and Chile, had put stolen Columbus city government data up for sale on its dark web website on Wednesday. It was not immediately clear what information was for sale.

“Late Wednesday afternoon, more and more officers started contacting us and saying, ‘Hey, I think my data may have been compromised,'” said Brian Steel, president of the Fraternal Order of Police Capital City Lodge #9, the city officers’ union.

“We’re just telling our members to be proactive, sign up for monitoring services, change their bank account numbers for direct deposit and all those things,” Steel said. “The more calls that come in, the more I believe it’s because of the data breach.”

About a dozen officials have noticed the problems so far, Steel said, noting that there had been no prior warning from the city administration that employees’ personal data could be at risk.

“Some people say, hey, my credit cards were hacked. Others say there were (problems) with my bank account. I got notifications that someone was trying to open a line of credit in my name. … Another person said there was money taken out of my bank account that I didn’t withdraw.”

When the union asked the city for advice, “they had kind of a script” that they followed, Steel said.

Potts’ message to officials added: “We have been significantly impacted by a foreign cyberattack that aimed to disrupt the city’s IT infrastructure. Although an encryption attempt was thwarted, we believe some of our data was accessed. The investigation remains very slow.”

City departments still hampered after attack

Other city departments are still working to get back to full operation following the cyberattack two weeks ago. On Thursday, the city’s parking services website posted this note at the top: “We are currently experiencing technical issues and are only accepting CASH payments for the release of impounded vehicles. Ticket and permit payments can be made online but cannot be processed at our facility. We apologize for the inconvenience.”

The Building and Zoning Department website states: “Currently, our electronic services and email access are disabled, however, we are accepting paper applications for permits, licenses and registrations. Zoning Department applications and confirmation letters can be dropped off at our office and inspections can be requested by phone during business hours.”

“Thank you in advance for your patience and understanding. We will inform you when our normal operations resume.”

Regarding the city’s 311 complaint hotline, which was only accessible on paper due to the cyberattack, the website states: “Update: As of Wednesday, July 31, the 311 website and mobile app are accepting service requests.”

Steve Stein, president of the Columbus Fire Fighters Union IAFF Local 67, said he was not aware of any similar problems facing firefighters.

But he spoke to Steel on Thursday morning, and “it sounds like there were data leaks on the police side,” Stein said. “It sounds like they have real problems.”

[email protected]

@ReporterBush