News

City News

Posted on: August 4, 2020

Cyberattack causes City computer outage

News Release

In the early morning hours of July 27, a ransomware cyberattack on the City’s computer system disabled network services resulting in disruptions to phone service, email, and online payment and reservation systems. 9-1-1 and emergency dispatch services were not affected. Staff detected the infection and ransom notification at approximately 6:50am and disabled all network connections to contain the malware spread. Mutual aid from neighboring jurisdictions was brought onsite to assist, and a cybersecurity analyst was contracted to provide forensic investigation and recovery. Additional resources were deployed from the Boulder Office of Emergency Management and the State Office of Information Technology.

Ransomware is a type of malicious software designed to block access to a computer system or files until a sum of money is paid. Preliminary investigation indicates the ransomware entered the City’s network through a phishing scam or brute force, and looks to be a random attack.

Financial data appears to be recoverable from unaffected backups. Personal credit card information was not compromised, as the City uses external PCI-certified payment gateways. There is no evidence to suggest personal data was compromised, but out of an abundance of caution, residents and employees are advised to be vigilant to monitor accounts for suspicious activity. The City will be sending a security breach notification to individuals who have personal information residing on the City’s network.

System servers and computers are currently being cleaned and rebuilt. Once complete, data will be restored to the system and operations will resume. No permanent damage to hardware has been identified. While core City operations continue, online payment systems have not resumed. At this time, the City is unable to estimate a timeline that all systems will be back up and running. A list of temporary phone numbers and emails can be found here:

The ransomware that invaded the City’s system was used by criminals to block access to the City’s computer data until a sum of money is paid. The City was coerced into paying a $45,000 ransom to retrieve a “key” to unlock encrypted data. Ransom payment was not the direction the City wanted to go, and pursued all avenues to find alternative solutions.  In a cost/benefit scenario of rebuilding the City’s data versus paying the ransom, the ransom option far outweighed attempting to rebuild. The inconvenience of a lengthy service outage for residents was also taken into consideration.

While there is no way to eliminate the risk of these types of attacks, the City is taking steps to install crypto-safe backups, deploy additional cybersecurity systems, and implement regular vulnerability assessments to prevent future data threats.

City of Lafayette Mayor Jamie Harkins released a video discussing the cyberattack. Watch now here

Additional Info...
Facebook Twitter Email

Other News in City News

Utility Billing Information

Utility billing update September 2020

Posted on: September 3, 2020
Ride Free Lafayette

Ride Free Lafayette

Posted on: July 22, 2020
bikeride_forweb.jpg

Bike webinars on Sept. 23 and Oct. 14

Posted on: September 14, 2020
Lafayette Connection

September Lafayette Connection newsletter

Posted on: September 10, 2020

Colorado Statewide mask order

Posted on: July 16, 2020
Lafayette Listens video screenshot

Check out Lafayette-Listens.com

Posted on: October 18, 2019

Equal protection under the law

Posted on: February 24, 2017