Columbus Mayor Andrew Ginther's office says no city IT employees have been fired or reprimanded after a July 18 ransomware attack on the city.
On Wednesday, Ginther spoke to WOSU for the first time since the city got a court to file a temporary restraining order against Connor Goodwolf, a cyber security expert who exposed that personal data belonging to thousands of Columbus residents had been released on the dark web. Ginther defended the TRO being filed against Goodwolf.
Ginther was asked about several job postings in the Department of Technology that have appeared on the city's website since the attack occurred. In total, seven jobs have been posted and labeled as "vacancies" since that date. Four positions have since been taken down.
Ginther referred the questions to his office. His spokesperson, Melanie Crabill, responded via email, confirming that these were not vacancies created by the city terminating employees since the cyberattack.
"There have been no terminations or reprimands issued within the department since July 18. As Columbus continues to experience rapid growth—especially in the IT sector, where we are one of the nation's fastest-growing cities for technology-related job growth—we are actively seeking new talent to meet the city’s evolving needs," Crabill wrote in an email.
Crabill said the job postings reflect new positions that have been created to address the city's expanding technology needs or to fill vacancies.
"While not all positions are exclusively focused on cybersecurity, several do have cybersecurity responsibilities integrated into their roles. For example, the Safety Data Officer, Technology Solutions Analyst IV role includes cybersecurity tasks. It's important to note that these needs were identified prior to the cyberattack on July 18th," Crabill wrote.
The job postings included:
- A Business Systems Analyst
- A Data Analyst Technology Solutions Analyst
- A Safety Data Officer Technology Solutions Analyst
- A Senior Techology Project Manager
- A Systems Acquisitions Analyst
- A Technology Solution Analyst
Crabill didn't say whether the city has identified a person who could have downloaded an infected file or clicked a bad link that started the ransomware attack.
Crabill said the incident is still under investigation.
WOSU also asked Ginther about why the city filed the legal action to prevent Goodwolf from releasing information stolen from the city that he found on the dark web. It also seeks at least $25,000 in damages.
"Ultimately, the reason we took this action was because the individual was sharing information that would compromise the identities of our undercover officers and other individuals who are serving the public who put themselves at risk," Ginther said.
Goodwolf exposed that personal information belonging to thousands of Columbus residents was online. Ginther had previously said all that data was unusable. Goodwolf showed WOSU and multiple media outlets the information he found.
Ginther said the city isn't opposed to working with Goodwolf despite the lawsuit.
Ginther told WOSU that the city's Department of Technology was not the only group that shared information with him, which Goodwolf later proved was incorrect. Ginther said it was information given to him by cyber security experts with the DOT, the FBI and the U.S. Department of Homeland Security.
"There's a whole group of folks that have been helping with this very ongoing, complicated investigation. The information that I shared at the time was the best information that we had at the time. When I said that, obviously after learning there was better information, more information, new information we could share. I did that," Ginther said.