LAFAYETTE, Colo. – The city of Lafayette said Monday it had discovered some personal information that hackers might have had access to as they conducted a ransomware attack on the city computer system last month.
The city said earlier this month, when it first publicly gave notice of the July 27 ransomware attack, that it did not believe any personal information was compromised. The city decided to pay the $45,000 ransom rather than rebuilding the city’s data and computer network.
The ransomware attack affected city phone and email service, as well as online payment and reservation systems.
The city said Monday that it still does not believe any personal credit or debit card information was compromised because of payment gateways it uses but said that they continue to monitor whether that was the case through any suspicious activity on accounts.
But the city also said Monday that the cybercriminals might have had access to some personal information – including people’s names, driver’s license or ID card numbers, medical information, health insurance ID numbers, and city credentials.
“It is unknown whether the cyber criminals copied any information from the City’s network,” the city said in a release.
Among that information that the criminals might have had access to include residential and commercial water bill account user names and passwords, names and health insurance information for people transported by Lafayette Fire Department ambulances before Jan. 1, 2018, rec center online accounts, Indian Peaks Golf Course accounts, Lafayette city employees’ personal information, liquor and marijuana license applications and names and driver’s licenses on traffic citations or other police reports.
“Although we are unaware of any actual acquisition or misuse of personal information, we are providing notice to potentially affected individuals about the incident and resources available to protect individuals against possible identity theft or fraud,” the city said.
The city says it has brought in a cybersecurity analyst and other information and data specialists from Boulder County and the state. It said that servers and computers were being cleaned and rebuilt before data is restored and system operations go back online.
“While there is no way to eliminate the risk of these types of attacks, the City is taking steps to install crypto-safe backups, deploy additional cybersecurity systems, and implement regular vulnerability assessments to prevent future data threats and safeguard personal information,” the city said.
More information can be found here.