Victim of data theft in Columbus demands answers to his information

COLUMBUS, Ohio (WSYX) — A crime victim is now demanding answers after learning that his personal information was likely part of the massive ransomware attack that targeted the city of Columbus.

“It’s uncomfortable because I have children,” said the woman, who wished to remain anonymous for safety reasons.

A cybersecurity analyst said he discovered the woman's personal information in a Columbus City Attorney's Office database that contained the names of victims, defendants and witnesses.

The mother of three believes her data was recorded because she was attacked several years ago.

“I didn't know my personal information would be made public,” the woman said. “I went there because I was in a certain situation. Now my data is spread everywhere. I don't know. I'm a victim again.”

Connor Goodwolf on Tuesday released thousands of files he claimed to have found over the weekend, restoring them shortly after the mayor revealed the stolen data was encrypted, corrupted and unusable on the dark web.

Goodwolf says the data was leaked to the dark web by a foreign ransomware group called Rhysida after neither a ransom was paid nor the stolen data was purchased at auction.

“This is definitely a big violation for cities,” said Trent Milliron of Kloud9 IT.

The cybersecurity expert recommends that anyone who believes they have been a victim of identity theft should immediately change their passwords, set up credit monitoring and request a credit freeze.

“If someone tries to steal your personal information and open an account in your name, you will be notified immediately,” Milliron said.

The City is currently working with the FBI, Department of Homeland Security and other agencies to determine if the data found on the dark web was accessible, while our crime victim desperately seeks to ensure his sensitive data is protected.

“You all need to pull yourself together,” the woman added. “This should never have happened. This is people's personal data.”