City of Columbus sues researcher for sharing leaked ransomware data


The City of Columbus, Ohio, has taken legal action against a security researcher who shared leaked data from a ransomware attack against the city with members of the news media.

A lawsuit filed last week alleges that the actions of software development consultant David Leroy Ross Jr., who also goes by Connor Goodwolf, risks “irreparable harm” to the city and its residents via the exposure of sensitive stolen data. The city alleges Ross downloaded the data from the dark web, after it was leaked by the Rhysida ransomware gang and “is threatening to share the City’s stolen data with third parties who would otherwise have no readily available means by which to obtain the City’s stolen data,” according to the complaint filed by Westley M. Phillips, the city’s lead attorney for civil litigation.

Read more…
Source: SC Media


Sign up for our Newsletter


Related:

  • CrowdStrike is sued by shareholders over huge software outage

    August 1, 2024

    CrowdStrike has been sued by shareholders who said the cybersecurity company defrauded them by concealing how its inadequate software testing could cause the July 19 global outage that crashed more than 8 million computers. In a proposed class action filed on Tuesday night in the Austin, Texas federal court, shareholders said they learned that CrowdStrike’s assurances ...

  • Law firm Kirkland sued in class action over MOVEit data breach

    June 10, 2024

    U.S. law firm Kirkland & Ellis, the world’s largest law firm by revenue, has been pulled into U.S. litigation over a wide-ranging data breach linked to a file transfer tool that compromised data at hundreds of organizations. A proposed class action, opens new tab filed on Friday accused Kirkland and several other companies, including health insurer ...

  • Northern Ireland: Disabled former police officers to receive damages for alleged data breach

    May 30, 2024

    Disabled former policemen and women in Northern Ireland are to receive undisclosed damages for an alleged data breach, their lawyer revealed today. Financial settlements were reached in legal action against the Charity Commission for Northern Ireland. Proceedings related to an investigation by the Commission into the workings of the Disabled Police Officers’ Association back in 2014. ...

  • Optus sued by regulator over 2022 cyber-attack

    May 23, 2024

    Australia’s Communications and Media Authority (ACMA) has begun legal action against Optus, the country’s second largest telco, over a data breach it suffered in 2022. The watchdog has filed legal proceedings to the Federal Court, alleging that Optus “failed to protect the confidentiality of its customers’ personal information from unauthorised interference or unauthorised access,” and was ...

  • Ireland: More than 470 legal proceedings issued against health service after ransomware hit

    May 14, 2024

    More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...

  • Tennessee: New state law to protect entities under cyber attack from class action suits amid Ascension Health hack

    May 13, 2024

    Another healthcare system is under a cyber attack, and while it’s unclear what, if any information has been accessed, a soon-to-be law will prevent those whose information may have been exposed from filing a class action lawsuit against entities that are hacked as long as the organization wasn’t grossly negligent. According to a spokesperson for Ascension ...