A judge has granted the city of Columbus a temporary restraining order against a cybersecurity expert who has provided details about the city's data hack to the media, including WOSU.
The request was filed Thursday in Franklin County Common Pleas Court asking the court to prevent David L. Ross Jr., who goes by Connor Goodwolf, from accessing, downloading and disseminating city data stolen in the July cyberattack on the city.
A judge granted that TRO later Thursday afternoon.
The complaint from the city said that Goodwolf has used the city's stolen data to reveal personal information on individuals.
The hacked data includes visitors to Columbus City Hall, domestic violence victims, and lists of people allegedly compiled to prevent their access to Columbus City Hall.
It also includes the identities of undercover police officers and child rape victims.
Goodwolf declined to comment on the restraining order. He said he is looking to hire a lawyer.
Columbus City Attorney Zach Klein said at a press conference on Thursday afternoon the city isn't going after Goodwolf for embarrassing the city. Klein claims the city is trying to stop him from giving out the information to untrustworthy people.
Goodwolf has also been critical of the city in interviews with WOSU.
"Who else is he disclosing that information to? Friends? Family? Like this is personal, confidential information. This is investigatory records. And in order to protect victims, in order to protect witnesses, in order to protect our fine men and women of the Division of Police. We filed this TRO," Klein said.
Klein did not provide evidence that Goodwolf was disclosing this to anyone but reporters.
Klein also said Goodwolf should have disclosed this to the city. Goodwolf said he tried to call the city's IT department and even multiple officials in Klein's office to do so. Goodwolf also provided screenshots of him calling these officials between August 13 and August 19.
Klein said he was never made aware by the employees of his office that Goodwolf tried to contact them.
The complaint alleges Goodwolf's actions have violated state laws and city codes and have caused concern across central Ohio. Despite this, the city is seeking a civil remedy through the courts at this time. Klein didn't say whether Goodwolf is under criminal investigation.
"I'm honestly not intentionally trying to be cryptic. I will just simply say this whole thing has been under investigation. We said that from day one," Klein said.
A statement issued by Columbus Mayor Andrew J. Ginther on Wednesday alleged downloading and disseminating this data on the dark web is a criminal action.
Ginther issued another statement after the request for a restraining order was filed Thursday.
“Since July, I have expressed how furious I am that the city of Columbus has been victimized by cybercriminals. City Attorney Klein’s actions show there are consequences for anyone who downloads and distributes the City’s stolen confidential data. We will continue to do everything in our power to protect our residents from being further victimized," Ginther said in a statement.
Klein said Goodwolf and anyone has a right to criticize the city and even him.
"This is not about freedom of speech or whistleblowing. This is about the downloading and disclosure of stolen criminal investigatory records," Klein said.
Klein did not say whether Goodwolf's work is what ultimately led the city to discover what was leaked to the dark web. He did not reveal how much the city has been able to find out to date compared to Goodwolf.
"A lot of this is a race to the data that's on the dark web. We have a team of people that are going investigating it. Connor obviously has made very known that he is trying to pull down the data himself as well," Klein said.
On Aug. 16, the city offered credit monitoring to all city residents and others impacted by the ransomware attack.
That came three days after Ginther said in a news conference all of the personal data obtained by a criminal group and published online was unusable.
Ginther then confirmed in an Aug. 17 press conference that personal information from private residents and others was released on the dark web.
The data being leaked online traces back to cyber crime group Rhysida, who attempted to deploy ransomware after the city said an employee downloaded an infected file.
Ginther said that he accepted responsibility for giving out what ended up being inaccurate information earlier about the data being unusable. He said that was based on the best details he had at the time.
