Share this article on:
The threat actor behind the most recent MOVEit data leaks has revealed that it has done so in response to companies poorly securing data and blaming it on others, specifically naming a case in which the city of Columbus is suing a researcher for calling out its mayor for “downplaying” the severity of a ransomware attack.
For context, in July, the city of Columbus, Ohio, was hit by a ransomware attack by the Rhysida ransomware group.
The incident resulted in system outages across email and other resources for public agencies.
While the city believes no data was encrypted, Rhysida claimed to have stolen 6.5 terabytes of data, 45 per cent of which (260,000 files over 3.1 terabytes) was published when the city refused to pay the ransom.
Initially, Columbus mayor Andrew Ginther said the data leaked was of no value and that the attack had not been effective.
However, cyber researcher David Leroy Ross, better known as Connor Goodwolf, called out the mayor, accusing him of a false claim, and shared with the media what the leak included.
Columbus then submitted a lawsuit against Goodwolf, saying that the sharing of stolen data was illegal and careless and that the data was inaccessible by the majority of people, as it was published on a platform that required expertise to access.
Just days ago, threat actor Nam3L3ss leaked the employee data of a number of companies affected by the MOVEit vulnerability, including Amazon and McDonald’s, revealing that he would announce his reasoning for the leaks.
Now, Name3L3ss has done just that, saying that the persecution of Goodwolf by the city of Columbus was “the last straw”.
In what security researcher the threat actor has referred to as a “manifesto”, Nam3L3ss said he is not a hacker, is not affiliated with any threat group, does not sell or buy data and will not even attempt to breach anything that requires a password.
“I simply monitor the dark web and exposed online cloud services,” he said.
“If a Company or Government agency is STUPID enough NOT to encrypt it’s data during transfers or if an admin is to stupid or too lazy to password protect their Online storage that is on THEM!
“The world should KNOW exactly what these companies and government agencies are leaking!
“Companies and Governments alike have a RESPONSIBILITY to make damn sure they are encrypting PII Data!
“Too many Companies Blame 3rd Party Vendors, yet they themselves are transferring UNENCRYPTED data to these 3rd Parties!
“Those that are sending ENCRYPTED data have a responsibility to make damn sure the 3rd party is keeping it Encrypted.”
Nam3L3ss then specifically named mayor Ginther, blaming him for the recent leaks, and defending Goodwolf for calling out his actions.
“[Goodwolf] did NOT post the data, I WILL BE POSTING IT ALL UNREDACTED,” he said.
“Other police Departments can thank this Mayor for me releasing their data too.
“Even the Police Informant data I have will [sic] full Name, DOB, SSN will be released!
“It’s time for People like Andy Ginther, mayor of Columbus, Ohio to realize when they over reach there are consequences for them too!
“Even data that was released 10 years [ago] is in my possession and will see the light of day again!”
The city of Columbus, Ohio, dropped the lawsuit against Goodwolf earlier this month after reaching a settlement. On the condition that Goodwolf agrees to a permanent injunction that would only allow him to share data that is public record and with the city’s written approval, Columbus agreed to a dismissal with prejudice, barring it from trying to try Goodwolf again for the same reason.
Cyber Daily has reached out to the city of Columbus for comment on Nam3L3ss’ latest comments.
Despite the case being dropped, Nam3L3ss has continued to leak the data of major organisations like Lenovo, Urban Outfitters, Westinghouse and more.
Other users of the popular hacking forum on which Nam3L3ss posted the manifesto largely supported his work, except one who pointed out that Goodwolf is a “known pedophile”.
“Hey man. Just wanted to say that I love the work that you’re doing but maybe it’s not the best idea to mention a known pedophile in your manifesto as that’s not the best look,” said the user, who then posted a screenshot between a victim and another user allegedly discussing Goodwolf.
“He has an entire KiwiFarms thread about his history with grooming minors,” continued the user.
KiwiFarms is a forum on which users discuss the harassment of individuals online. It is often connected to group trolling incidents, doxxing and real-life harassment. It has also been tied to the deaths of six people.