City of Columbus sues researcher for sharing leaked ransomware data


The City of Columbus, Ohio, has taken legal action against a security researcher who shared leaked data from a ransomware attack against the city with members of the news media.

A lawsuit filed last week alleges that the actions of software development consultant David Leroy Ross Jr., who also goes by Connor Goodwolf, risks “irreparable harm” to the city and its residents via the exposure of sensitive stolen data. The city alleges Ross downloaded the data from the dark web, after it was leaked by the Rhysida ransomware gang and “is threatening to share the City’s stolen data with third parties who would otherwise have no readily available means by which to obtain the City’s stolen data,” according to the complaint filed by Westley M. Phillips, the city’s lead attorney for civil litigation.

Read more…
Source: SC Media


Sign up for our Newsletter


Related:

  • Northern Ireland: Disabled former police officers to receive damages for alleged data breach

    May 30, 2024

    Disabled former policemen and women in Northern Ireland are to receive undisclosed damages for an alleged data breach, their lawyer revealed today. Financial settlements were reached in legal action against the Charity Commission for Northern Ireland. Proceedings related to an investigation by the Commission into the workings of the Disabled Police Officers’ Association back in 2014. ...

  • Optus sued by regulator over 2022 cyber-attack

    May 23, 2024

    Australia’s Communications and Media Authority (ACMA) has begun legal action against Optus, the country’s second largest telco, over a data breach it suffered in 2022. The watchdog has filed legal proceedings to the Federal Court, alleging that Optus “failed to protect the confidentiality of its customers’ personal information from unauthorised interference or unauthorised access,” and was ...

  • Ireland: More than 470 legal proceedings issued against health service after ransomware hit

    May 14, 2024

    More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...

  • Tennessee: New state law to protect entities under cyber attack from class action suits amid Ascension Health hack

    May 13, 2024

    Another healthcare system is under a cyber attack, and while it’s unclear what, if any information has been accessed, a soon-to-be law will prevent those whose information may have been exposed from filing a class action lawsuit against entities that are hacked as long as the organization wasn’t grossly negligent. According to a spokesperson for Ascension ...

  • Portland-based BerryDunn faces lawsuits over data breach affecting 1.1M people

    May 6, 2024

    A Maine accounting firm has been sued after a data breach exposed the personal information of more than a million people. BerryDunn, an accounting firm based out of Portland, is facing lawsuits from nine different people. The lawsuits claim that names and Social Security numbers of 1.1 million people were exposed in the breach involving one ...

  • Grindr facing UK lawsuit over alleged data protection breaches

    April 22, 2024

    Gay dating app Grindr is facing a mass data protection lawsuit in London from hundreds of users who allegedly had their private information, including HIV status, shared with third parties without consent, a law firm said on Monday. Austen Hayes, which said the lawsuit is being filed at London’s High Court, said thousands of Grindr users ...