The City of Columbus is facing a significant cybersecurity incident, which has led to disruptions in several resident-facing IT services. Here’s what you need to know about the situation and the city’s ongoing efforts to resolve it.
Update 7/24/24
The City of Columbus continues to work on restoring its systems following last week’s cybersecurity incident. There was initial uncertainty about whether the global CrowdStrike outage was responsible. As more information was verified, the city provided updated details.
City officials have been instructed not to disclose the full extent or cause of the outage. “We were told specifically by leadership that this is all we’ve been able to talk about,” spokesperson Lee Cole told The Dispatch. The timeline for public disclosure remains uncertain.
City Attorney Zach Klein posted on “X” that his office is unable to send or receive external emails, advising residents to use the phone for contact. City Council has been briefed but has no public comment at this time.
Mayor Ginther indicated that severing the internet connection was necessary to contain further damage, but the restoration process could take time. No estimate has been provided for when full functionality will be restored.
“We’re going to restore systems and put them back in place as quickly as we can, as long as we know they’re safe and secure,” Columbus Mayor Andrew Ginther said Tuesday. “Public safety, public health, public utilities will be some of those first systems you’ll see being restored to make sure that we’re doing everything we can to provide basic city services the way the people of Columbus deserve and expect.”
What Happened?
On July 18, 2024, the city’s Department of Technology detected an abnormality in its system while conducting routine monitoring. This incident was not connected to the global IT outage that occurred on the same day. In response, the city took immediate action to mitigate potential risks, which included severing internet connectivity to safeguard its systems.
This precautionary measure has resulted in outages affecting some services used by residents. However, essential services like the city’s 9-1-1 and 3-1-1 systems, as well as employee payroll, continue to function normally.
What Caused the Issue?
The investigation into the exact cause of the incident is ongoing. Preliminary findings suggest that the issue may have originated from a City of Columbus employee inadvertently clicking on a malicious link in an email.
Was Any Personal Information Accessed?
The city is still determining whether any personal identifiable information was accessed during the incident. If it is found that individuals’ information was compromised, those affected will receive direct notifications.
— Mayor Andrew Ginther (@MayorGinther) July 23, 2024
What is the City Doing in Response?
The City of Columbus is in the process of eradicating the threat and recovering its systems. The city has engaged law enforcement and cybersecurity experts to address the incident, ensure compliance with applicable laws, and minimize further risks.
Mayor Andrew Ginther emphasized the city’s commitment to resolving the issue: “The City of Columbus is working diligently to restore its systems following this cybersecurity incident. We are taking all necessary steps to protect our community and restore services as quickly as possible.”
How Can Residents Get More Information?
Residents who may be impacted by the incident will be notified directly. For general inquiries, the city’s 3-1-1 system remains operational and available to provide information.
Moving Forward
As Columbus works to restore its systems, residents are encouraged to stay informed and vigilant. The city’s efforts to address the cybersecurity incident highlight the importance of robust IT security measures and the need for ongoing awareness about cyber threats.
For the latest updates on the incident and the restoration of services, residents can visit the City of Columbus website.
Featured image by Hack Capital on Unsplash