COLUMBUS, Ohio — The City of Columbus announced it has reached an agreement with the cybersecurity expert who revealed details of the cyberattack on the city over the summer.
City Attorney Zach Klein said his office and Connor Goodwolf agreed to permanently extend a preliminary injunction signed in September that protects sensitive data exposed in the cyberattack from being disseminated. Goodwolf, which is not his legal name and one he uses in interviews, will still be allowed to have a dialogue with the city about the breach. The city also agreed to drop its civil lawsuit against Goodwolf.
The city says Goodwolf is still allowed to discuss what kind of data was exposed, but he isn't allowed to share anything that has personal identifiable information such as social security numbers, driver's license numbers, bank account information and other sensitive information. He's also not banned from disseminating any data from the city's crime databases.
A temporary restraining order was granted against Goodwolf on Aug. 29 after he spoke with several media outlets in the weeks following the city's cyberattack to explain what information was leaked on the dark web.
The city says it first learned something was wrong on July 18 when the city's department of technology "found evidence of an abnormality in its system." The city then severed its connection to the internet.
Two weeks later, the hacker group Rhysida claimed responsibility for the attack, saying it had 6.5 terabytes of data. The group later released 45% of the data it took from the city.
On Aug. 13, Mayor Andrew Ginther said the data stolen by hackers was either corrupted or encrypted, meaning it was likely useless. Later that day, Goodwolf told 10TV that wasn't true and he showed what kind of personal information he was able to access.
“During this crisis, our priority has been to keep the best interest of residents, victims, police officers, and all those impacted at heart. While I remain concerned about anyone having access to this sensitive data, conversations with Mr. [Goodwolf] have been positive, and all parties have agreed to move forward with an agreement that continues to prevent the dissemination of information, such as confidential law enforcement records while protecting free speech," Klein wrote in a release.
A judge must sign off on the resolution before it goes into effect.
Earlier this week, Ginther said all critical systems have been restored. The city's technology department told city council on Monday that 74% of all systems have been fully restored.
