Kinda like that jackass AG who targeted a journalist for viewing the HTML of a state site and published an article about the PII hard-coded within the web app. Don’t make us look bad!

  • ikidd@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    3 months ago

    “The information provided by Ross.”

    You disengenuous cunts. The information was provided by the city with it’s shit IT practices. Ross just proved that you were lying about it by showing what was in the wild. Anyone that takes this horseshit at face value should be shot with a ball of their own shit.

  • 🇰 🌀 🇱 🇦 🇳 🇦 🇰 ℹ️@yiffit.net
    link
    fedilink
    English
    arrow-up
    11
    ·
    3 months ago

    “It’s impossible for them to know anything since it’s corrupted.”

    “That’s not true, look I just downloaded it. It even has your name and home address right here.”

    “HOLD IT RIGHT THERE, CRIMINAL SCUM! YOU HAVE VIOLATED THE LAW BY DOWNLOADING THAT DATA!”

    “I only downloaded it to show that you were lying…”

    “THAT IS ALSO WHY WE HATE YOU.”

  • Optional@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    3 months ago

    Columbus Mayor Andrew Ginther said on August 13 that a “breakthrough” in the city’s forensic investigation of the breach found that the sensitive files Rhysida obtained were either encrypted or corrupted, making them “unusable” to the thieves. Ginther went on to say the data’s lack of integrity was likely the reason the ransomware group had been unable to auction off the data.

    Shortly after Ginther made his remarks, security researcher David Leroy Ross contacted local news outlets and presented evidence that showed the data Rhysida published was fully intact and contained highly sensitive information regarding city employees and residents. Ross, who uses the alias Connor Goodwolf, presented screenshots and other data that showed the files Rhysida had posted included names from domestic violence cases and Social Security numbers for police officers and crime victims. Some of the data spanned years.

    On one hand, having a bad lie exposed weakened their position for the ransom.

    On the other, they fucked up three different ways now.

  • Kraiden@kbin.earth
    link
    fedilink
    arrow-up
    3
    ·
    3 months ago

    This effect is to get [Ross] to stop downloading and disclosing stolen criminal records to protect public safety.

    Why him specifically? That’s a lot of effort to stop one guy doing what literally anybody with some time and willpower could do? Surely they have bigger problems right now? Fucking pathetic.

    • ColeSloth@discuss.tchncs.de
      link
      fedilink
      arrow-up
      4
      ·
      3 months ago

      Because the real reason is obviously that the city got called out on and caught in a straight up lie, and they’re pissed and seeking revenge.

  • explodicle@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    3 months ago

    Stupid question: how is ransomware still a thing? Why don’t institutions back up their data yet?

    • khannie@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      3 months ago

      In the early days of ransomware I helped a small business of a friend that was attacked. They got in and waited months, creating garbage backups until they were confident then sprang the trap.

      Tbh I was impressed with how thorough they’d been.

      • dave@feddit.uk
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 months ago

        Yeah, backups are useless unless you restore and test regularly. But it’s one more step of admin that few people / organisations do sadly.

    • CoopaLoopa@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      4
      ·
      3 months ago

      Locking a company out of their systems isn’t the most lucrative part of ransomware anymore. Data exfiltration and threatening to release the data to the highest bidder is now the norm.

      Ransomware also typically sits on a system doing nothing for ~6 weeks before ever starting to encrypt and upload data. Even if companies have backups to restore from, they need to choose whether they’re going to restore entire machines quickly and risk still having the ransomware on the restored machine. Or they can take the long a painful route of spinning up new machines, then restoring just the data itself to individual apps/services to ensure you don’t still have ransomware after the restore.

    • raspberriesareyummy@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      3 months ago

      Because the amount of organizations needing data backups / protection far exceeds the amount of available qualified IT personnel. So instead of training themselves, they hire morons who say “sure I can do your IT”