Chief disturbed after database naming undercover Columbus officers found in leak

COLUMBUS, Ohio (WCMH) -- Another database recovered from the Columbus data leak has revealed names of undercover city officers, as well as graphic and sensitive information from police reports previously sealed from public view.

Cybersecurity expert Connor Goodwolf showed NBC4 the Columbus Division of Police's MatrixCrime database on Wednesday. Recovered from the Rhysida ransomware group's dump of stolen city data on the dark web, it holds confidential records for cases of rape, homicide, child abuse and domestic violence. Dating back to 2014, it also contains data from CPD's controversial Vice Unit that was added before the group's disbanding in 2019.

"Every single report from officers on the streets or if someone comes in to make a police report, it all goes to the specific database," Goodwolf said. "There's detailed information relating to the scene, weapon used or everything, whether the victim was injured, deceased, etcetera."

Alongside graphic details from officers' and victims' narratives, the leaked database exposes sensitive information including victim Social Security numbers, addresses and phone numbers.

Goodwolf doesn't have the full picture of the database just yet. He told NBC4 that part of it was partially corrupted while he downloaded it from the dark web, and there's more information to come. Of the part he did recover, he flagged that some of the reports also name minor victims.

"I feel angry looking at all these domestic violence cases, looking at the cases to where minors were sexually assaulted, individuals 15 years and younger," Goodwolf said. "Now they're not just victimized at one point, now they can be victimized yet again."

Some of the records also identify undercover Columbus police, an issue that attorneys mentioned in a class-action lawsuit filed against the city. While it's not clear if undercover units currently in the role are at risk, Goodwolf forecasted what else could be in the corrupted portion of the database.

"We're going to potentially see undercover officers who are undercover long term. We're going to see references to confidential informants and individuals," Goodwolf said. "Again, this database is not public record. It's an investigatory law enforcement record ... it's not subject to Freedom of Information Act requests at all. So, we're going to see a lot of damage coming from this if someone does decide to utilize it for unlawful means."

In an exclusive interview and her first time speaking since the cyberattack was discovered July 18, CPD Chief Elaine Bryant said NBC4 broke the news to her that her team's database was found in the leak.

"It's very disturbing to myself and all the members of the division," Bryant said.

Bryant couldn't give any specifics on protection for undercover officers whose identities may be compromised, because of how recently she found out. When NBC4 asked her about officers who told the Fraternal Order of Police their bank accounts had been hacked, she said it was up to another agency to look into.

"The city has teamed up with the FBI, so all of those investigations are being handled on the federal level," Bryant said.

Goodwolf said as of Wednesday, he has looked through two of the three terabytes of data Rhysida leaked. The other findings have included that the leak compromised residents' personal information, details on city employees, and investigative records from the city attorney's office and Columbus Division of Fire.

Rhysida claimed responsibility for the hack on Columbus, launching an auction for 30 bitcoin - or around $2 million -- on the dark web. After the group failed to secure bidders, the hackers publicly leaked the data on Aug. 8. Columbus Mayor Andrew Ginther later announced the city would offer free credit monitoring for anyone affected.