Columbus Mayor Andrew Ginther said in a news conference all of the personal data obtained by a criminal group and published online was unusable.
Ginther spoke to reporters Tuesday and gave more insight into the city's response to the ransomware attack. He said that the city had to shut down all of its systems to thwart the cyber criminal group Rhysida from holding its data hostage.
But shutting the city's systems down is why some services are still not completely working, and not the hack itself.
Ginther said all files Rhysida stole were either encrypted or corrupted and therefore unusable. He said he expects this is why an attempted auction on the dark web by Rhysida failed and the cyber criminal group instead opted to publish the data online.
"None of our employees data. None of them were put at risk. And based on what we know at this point, all of the information that was taken was encrypted or corrupted, which makes it unusable," Ginther said.
Ginther also refuted a claim by the group that it obtained more than six terabytes of data. He didn't give an exact figure, but said it is but a fraction of that amount of data.
Ginther said on top of offering credit monitoring to employees, changes will have to be made to improve cybersecurity.
"We're going to have to invest more money into cybersecurity. We've invested, you know, $12 million over the last five years in cybersecurity. And what this incident and attack in this crime shows, is that, we have to remain vigilant about this," Ginther said.
The city is facing a lawsuit from police officers who say the city didn't do enough to prevent the ransomware attack or to alert employees after it happened.
In the lawsuit, the anonymous officers said they received alerts about their personal information being used.
Ginther said the city suspects another criminal group targeted city employees while they were dealing with the cyber attack by Rhysida.
Ginther also said Rhysida was able to look at personal information while it was in the city's system, but none of that information seems to be what is being published online.
Ginther said some systems are still being affected by the shut down, but was not specific about which systems are still being impacted.
"There are some systems that we're still working on restoring and that will take several weeks. But it was our decision to take those things offline, to protect the system and protect employees and the public's data," Ginther said.
Ginther said he also wants to use his position as president of the U.S. Conference of Mayors to try and influence national policy to help cities respond to cyber attacks. Recently, Cleveland was also hit with a ransomware attack, which Ginther said he's spoken about with those city's leaders.
"There are a lot of cities that are facing this from all over the country. And this is an issue that the U.S. Conference of Mayors needs to take on. And I'm going to use the bully pulpit of the presidency for the year that I have it, to promote more partnership, support resources and potentially law changes at the federal level," Ginther said.
Ginther said he doesn't think non-employee citizens of Columbus are at risk of having their data stolen because of the hack.
