Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
City of Columbus

City of Columbus Vendor Cyber Rating & Cyber Score

columbus.gov

The City of Columbus, Ohio has been called one the the best places to live, work and raise a family. The Mayor, elected officials and employees of the city government work everyday to maintain that high standard of service and quality of life for all Columbus residents, to keep Columbus neighborhoods vibrant, and to support the economic development of the entire Central Ohio region. The state legislature established Columbus as a city in 1812. The city is a home-rule municipal corporation operating under the laws of Ohio. The City Charter, its constitution, can only be amended by a majority of the city’s voters. The City of Columbus is administered by a Mayor, a seven-member City Council, the City Auditor and City Attorney.


CC A.I CyberSecurity Scoring

CC
Company Information
Website:http://www.columbus.gov/
Employees number:3,805
Number of followers:16,109
NAICS:92
Industry Type:Government Administration
Homepage:columbus.gov
CC Risk Score (AI oriented)
Between 0 and 549
logo
CCGovernment Administration
Updated:
23/06/2026
263/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
CC Global Score (TPRM)
xxxx
logo
CCGovernment Administration
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

CC
CCCritical
Current Score
263C (CRITICAL)
01000
4 incidents
-155 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
273Before Incident
JUNE 2026
290Before Incident
Cyber Attack
22 Jun 2026CC
City of Columbus: Columbus' IT director retiring nearly two years after major cyber attack exposed citizens' data

Columbus Cyberattack by Rhysida

263After Incident
CRITICAL-27
CIT1782196062
Columbus IT Director Retires Amid Fallout from 2022 Cyberattack Sam Orth, the longtime Director of Technology for the City of Columbus, is retiring nearly two years after a devastating cyberattack exposed the personal data of hundreds of thousands of residents. Columbus City Council will recognize Orth’s service in a resolution co-sponsored by all nine members during its Monday evening meeting. The attack, carried out by the cybercriminal group Rhysida in 2022, compromised terabytes of city data, which was later leaked on the dark web. Columbus was among several municipalities targeted that year, including Cleveland. Initially, city officials claimed the attack had been contained and that the stolen data was unusable until a whistleblower, IT expert Connor Goodwolf, revealed that sensitive information for at least 500,000 people had been exposed. Goodwolf also criticized Orth for slow response times and inaccurate reporting to Mayor Andrew Ginther, including a disputed claim that only criminals use the dark web. In the aftermath, the city implemented a "zero trust network" requiring continuous identity verification for system users. However, internal accountability remained limited eight Department of Technology employees were terminated, retired, or resigned following the breach, though personnel records do not link their departures to the incident. Orth, appointed by Ginther in 2016, oversaw Columbus’s IT infrastructure for a decade, including the rollout of body-worn cameras for police officers. His career also included roles at Apple, the Ohio Education Computer Network, and the Ohio Office of Information Technology. His last day is Friday, with Deputy Director Pam O’Grady stepping in as interim director. O’Grady, whose experience is primarily in government affairs, previously worked for former Columbus Mayor Michael Coleman and Ohio Governor Ted Strickland. Meanwhile, WOSU’s public records request for communications between the mayor and senior officials during the attack remains unfulfilled over a year later. The city reported in February that the request yielded over 2,200 records still under review.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Cybercrime
IMPACT
Data Compromised: Terabytes of city dataBrand Reputation Impact: YesIdentity Theft Risk: Yes
DATA BREACH
Type Of Data Compromised: Personal dataNumber Of Records Exposed: 500,000Sensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes
MAY 2026
268Before Incident
APRIL 2026
257Before Incident
MARCH 2026
253Before Incident
FEBRUARY 2026
512Before Incident
Ransomware
24 Feb 2026CC
City of Suffolk, Virginia, City of Columbus, Ohio, Virginia Attorney General’s Office and Florida Department of Health: Suffolk, VA warns 157,000+ people of data breach that leaked SSNs, finances

Suffolk, Virginia Hit by Massive Ransomware Attack, Exposing 157K Records

237After Incident
CRITICAL-275
CITCITFLOCIT1777912437
Suffolk, Virginia Hit by Massive Ransomware Attack, Exposing 157K Records The city of Suffolk, Virginia, has notified 157,725 individuals of a February 2026 data breach after a ransomware attack compromised sensitive information, including names, Social Security numbers, and financial account details. The breach was disclosed in notices sent to victims last month. According to city officials, the attack was detected and halted before ransomware could be fully deployed, but not before cybercriminals exfiltrated data from Suffolk’s network. The ransomware group Cloak claimed responsibility, alleging it stole 2.5 TB of files though Suffolk has not confirmed the claim, and details about the attack vector, ransom demands, or payment remain undisclosed. The breach occurred on or around February 24, 2026, when attackers gained access to the city’s systems. Suffolk’s investigation found that the intrusion was terminated shortly after detection, but the incident highlights the growing threat of ransomware against government entities. Notably, the city’s breach notification did not include offers of free credit monitoring or identity theft protection for affected individuals. Cloak, a ransomware group active since August 2023, has been linked to at least 75 attacks, with 20 confirmed by targeted organizations. The group has previously breached other government entities, including the Virginia Attorney General’s office (February 2025), as well as municipalities in Canada, Germany, and Sri Lanka. Suffolk marks Cloak’s second confirmed attack of 2026, following a January breach of German retailer Dinnebier Gruppe. The Suffolk incident ranks as the 11th-largest ransomware breach of a U.S. government entity by records exposed. Comparitech researchers have documented 20 confirmed ransomware attacks on U.S. government targets in 2026 alone, with some of the largest including: - Florida Department of Health (729,699 records, July 2024) - RIBridges (650,000 records, December 2024) - Columbus, Ohio (500,000 records, July 2024) Ransomware attacks on government agencies often disrupt critical services from payroll and billing to emergency communications while exposing citizens to heightened fraud risks. Suffolk, a city of 95,000 in southeastern Virginia, is the state’s 10th-most populous, underscoring the far-reaching impact of such breaches.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: Names, Social Security numbers, financial account detailsOperational Impact: Disruption of critical services (e.g., payroll, billing, emergency communications)Identity Theft Risk: Heightened fraud risks for affected individualsPayment Information Risk: Financial account details compromised
DATA BREACH
Type Of Data Compromised: Personally Identifiable Information (PII), Financial DataNumber Of Records Exposed: 157,725Sensitivity Of Data: High (Social Security numbers, financial account details)Data Exfiltration: 2.5 TB of files (alleged by Cloak)Personally Identifiable Information: Names, Social Security numbers
JANUARY 2026
508Before Incident
DECEMBER 2025
501Before Incident
NOVEMBER 2025
493Before Incident
OCTOBER 2025
642Before Incident
Ransomware
01 Oct 2025CC
City of Columbus

Rhysida Ransomware Attack on the City of Columbus

479After Incident
CRITICAL-163
CIT2794927100225
The City of Columbus suffered a severe cyber incident executed by the Rhysida ransomware group, resulting in the theft and public sale of over 6 terabytes of sensitive city data. The attack forced the shutdown of multiple critical systems, with recovery efforts spanning months to restore full functionality. Five plaintiffs—including undercover police officers, firefighters, and a resident—reported financial fraud (unauthorized purchases, fraudulent bank accounts) and extortion attempts (ransom demands, threats of data exposure). The breach exposed highly sensitive employee and resident data, leading to identity theft risks and operational disruptions. While a lawsuit was filed alleging negligence in data security, it was dismissed due to political subdivision immunity under Ohio law, leaving victims without legal recourse despite documented harm. The attack underscored systemic vulnerabilities in the city’s IT infrastructure and the broader challenges of holding government entities accountable for cybersecurity failures.
INCIDENT DETAILS -
TYPE
ransomwaredata breachidentity theftextortion
MOTIVATION
financial gaindata theftextortion
IMPACT
Data Compromised: 6+ terabytesSystems Affected: multiple (city systems)Downtime: months (for some systems)Operational Impact: severe (system shutdowns, prolonged recovery)Brand Reputation Impact: moderate (lawsuit, public disclosure of breach)Legal Liabilities: lawsuit dismissed (political subdivision immunity)Identity Theft Risk: high (unauthorized purchases, fraudulent accounts, extortion threats)Payment Information Risk: high (fraudulent bank accounts opened)
DATA BREACH
personally identifiable information (PII)employee recordsresident datapotentially financial dataSensitivity Of Data: high (includes undercover police officer and firefighter data)Data Exfiltration: yes (6+ terabytes posted for sale)Personally Identifiable Information: yes (used for identity theft, fraudulent accounts)
SEPTEMBER 2025
642Before Incident
AUGUST 2025
640Before Incident
JULY 2024
769Before Incident
Ransomware
01 Jul 2024CC
City of Columbus

Ransomware Attack on City of Columbus, Ohio

601After Incident
CRITICAL-168
CIT000110524
In July 2024, the City of Columbus, Ohio, faced a ransomware attack that initially aimed to disrupt its IT infrastructure. Although the attack was thwarted with no systems encrypted, the Rhysida ransomware gang claimed to have stolen 6.5 TB of data, impacting personal and financial information of 500,000 individuals. This included employee credentials, emergency services data, and access to city cameras. The attack resulted in 3.1 TB of data being leaked on the dark web. The city offered credit and dark web monitoring services to affected individuals, and while there has been no reported misuse of the data for identity theft or fraud, the incident raises significant concerns about cybersecurity and data protection.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Data theft and disruption
IMPACT
employee credentialsemergency services dataaccess to city cameraspersonal and financial information of 500,000 individuals
DATA BREACH
employee credentialsemergency services dataaccess to city camerasSensitivity Of Data: High

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for CC ?
?
What was CC's A.I Rankiteo Cyber Score in June 2026 ?
?
What was CC's A.I Rankiteo Cyber Score in May 2026 ?
?
What was CC's A.I Rankiteo Cyber Score in April 2026 ?
?
What was CC's A.I Rankiteo Cyber Score in March 2026 ?
?
What was CC's A.I Rankiteo Cyber Score in February 2026 ?
?
What was CC's A.I Rankiteo Cyber Score in January 2026 ?
?
What was CC's A.I Rankiteo Cyber Score in December 2025 ?
?
What was CC's A.I Rankiteo Cyber Score in November 2025 ?
?
What was CC's A.I Rankiteo Cyber Score in October 2025 ?
?
What was CC's A.I Rankiteo Cyber Score in September 2025 ?
?
What was CC's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on CC's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with CC ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view CC's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?