© 2024 Ideastream Public Media

1375 Euclid Avenue, Cleveland, Ohio 44115
(216) 916-6100 | (877) 399-3307

WKSU is a public media service licensed to Kent State University and operated by Ideastream Public Media.
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

Names of undercover police, crime victims found on dark web from Columbus data breach

Columbus City Hall
David Holm
/
WOSU

The latest sensitive information revealed to be leaked to the dark web from the city of Columbus's databases includes names and personal information of undercover police and child rape victims.

Cybersecurity expert Connor Goodwolf said a database he was able to download off the dark web he called the city attorney's office "matrix crime database" includes every incident report and arrest record written by officers since the mid 2010s.

This includes names of officers and victims, personal information like addresses and social security numbers, names of undercover police officers and summaries of incidents and evidence such as witness and victim statements.

Goodwolf said this even includes names of child rape victims and domestic violence survivors.

"We're talking about information as well. On victims, on suspects, on witnesses. That includes (personal identifiable information). That can include name, address, phone number, social security number, employment, the employer. All that is in here," Goodwolf said.

Goodwolf alleges that all of this sensitive data wasn't protected properly with encryption or what he calls basic cybersecurity techniques. He claims that so far the only data he has found online with such protections are city payroll data and health records.

"I can go on for hours just on this one database. It's just this information should have been protected. Common security, standard security practices should have been followed," Goodwolf said.

RELATED: Leaked list shows people banned from Columbus city buildings who were deemed security threats

Wednesday evening, Mayor Andrew J. Ginther commented on this latest batch of records found.

"As I have previously said, we can expect more personally identifiable information to be identified as having been posted on the dark web," Ginther said. "The dark web is for criminals. The people who stole data from the City of Columbus are criminals, and anyone using or disclosing stolen confidential information is a criminal.

"The FBI, City Attorney Zach Klein, our Department of Technology and cybersecurity experts continue to work around the clock on this active criminal investigation," he said.

Klein also issued a statement Thursday morning.

“In the City Attorney’s Office, we do everything within our control to protect witnesses and victims from being further victimized by these cyber criminals. That’s why my office has engaged CHOICES and Legal Aid to make sure our community partners are united in ensuring victim safety," Klein said.

"My office will continue to cooperate with the ongoing criminal investigation. Further, accessing and sharing certain types of evidence, critically sensitive investigatory information or law enforcement personnel data, or otherwise interfering with ongoing criminal investigations or prosecutions is illegal, and we will not hesitate to take appropriate legal action against any individuals who access or disclose this type of information," Klein's statement continued.

The data being leaked online traces back to cyber crime group Rhysida, who attempted to deploy ransomware after the city said an employee downloaded an infected file.

Despite the city saying it prevented the ransomware from encrypting its files, an unknown amount of city data was leaked to the dark web by the group.

The matter is still being by state, city and federal law enforcement authorities.

It was already revealed that the personal data of hundreds of thousands of city residents could have been leaked online.

The city is offering free credit monitoring to all residents.

Goodwolf said there appears to be a lot of cases that are particularly sensitive in these databases. Not just child rape victims and domestic violence cases, but also things like protection orders.

"This is just so gut wrenching. I'm just. My stomach is just doing somersaults," Goodwolf said.

Goodwolf said people should be taking advantage of the free credit monitoring but also considering other options. He mentioned ideas from as simple as changing all passwords, to opening to new bank accounts to even considering moving out of Columbus if data on a particularly sensitive crime was leaked.

The city already faces class action lawsuits from multiple plaintiffs alleging the city did not do enough to protect their personal information online. These plaintiffs include former and current members of the Columbus Divisions of Police and Fire.

Fraternal Order of Police Capital City Lodge No. 9 President Brian Steel told WOSU he is worried about the safety of undercover officers in particular.

"These guys already take a major risk. You got to remember these undercover officers, they're undercover with drug cartels, with street gangs, you name it. Organized crime. So, it's very concerning," Steel said.

Steel said the fact that the personal information of child rape victims being out on the dark web is even more concerning for him.

"This is stuff that is never intended to be out in the public because it's so heinous. The details, some of these crimes, it's just sickening," Steel said.

Steel said if it is the case that this data was not encrypted, he expects the city to be held accountable.

"If that's the case and the city is neglecting their basic duty to protect the public, to protect the crime victims, to protect their employees, then the FOP expects them to be held accountable. Same as I would expect one of my members to be held accountable if they were completely neglecting their duties like it appears the city was," Steel said.

Goodwolf said this data is available to anyone on the dark web who has his ability or even less to download and figure out how to open these files that Rhysida dropped.

Goodwolf said he thinks trust in the city after this hack has "completely eroded."

George Shillcock is a reporter for 89.7 NPR News. He joined the WOSU newsroom in April 2023 following three years as a reporter in Iowa with the USA Today Network.