An international ransomware organisation is threatening to auction off thousands of files it claims to have stolen from the city of Columbus. “It has become a mob-style run enterprise,” Trent Milliron, CEO of Kloud9 IT, a cyber security company which has offices in Columbus and in the Cleveland area said.
A hacker group claiming to be Rhysida, based overseas, said it swiped more than six terabytes of data from the city and is now threatening to sell the information for 30 bitcoin, which is a little less than $2 million, if a ransom is not paid.
Information posted on the dark web by Rhysida claims to have passwords, internal log-ins, and servers with emergency server applications. Buyers also promised full instructions for databases.
“I could tell just by looking, there is a lot of data here,” Milliron said after he reviewed screenshots ABC 6 provided to him of data Rhysida is said to have posted on the dark web to prove it is responsible for the breach.
I can see they got far into the system and basically stole all pertinent information,” Milliron said. “There looks like a lot of video data from cameras and things like that.” The city said it was able to thwart a larger data grab when it disconnected from the web after being alerted to the cyber hack. Milliron said cyber thieves were probably phishing inside servers for a while.
“More than likely, when they got access to this network, they were probably in this network for months or even years,” he said. “Oddly, when hackers get access to a system, they usually hang around before doing anything.”