Ohio's City of Columbus has sued software development consultant and cybersecurity expert David Leroy Ross, Jr., also known as Connor Goodwolf, over his alleged dark web download and media dissemination of the city's stolen data following a Rhysida ransomware attack in July, SC Media reports.
Aside from the lawsuit, Ross has also been filed with a temporary restraining order by a Franklin County judge to prevent continued access, downloading, or distribution of the retrieved Columbus data after noting a desire to establish a website that would allow checking of leaked information in an interview with local news station WCMH. Both developments follow Ross' disclosure that over 470,000 individuals across the city had their data, including names, birthdates, and Social Security numbers, compromised as a result of the incident, which prompted city officials to backtrack Columbus Mayor Andrew Ginther's statements downplaying the extent of the breach and note that information from the city's police officers and victims of crime were possibly affected.
While Columbus City Attorney Zach Klein said that lawsuit and TRO were warranted to ensure the privacy of those impacted by the incident, such legal action was noted by Electronic Frontier Foundation Free Speech and Transparency Litigation Director Aaron Mackey to be in violation of the First Amendment.
