A ransomware attack by unknown perpetrators last week cut off internet services in the city of Bardstown, Ky. The city advised residents to change email passwords and monitor bank statements as it determines if hackers stole citizens’ personal data.
Bardstown is a small, historic community of around 12,000 citizens. The community was unaware what exactly it was hit by just before Labor Day when city services and internet access went down.
“In the early morning of Friday, September 2, 2022, the City of Bardstown IT team identified a network disruption that impacted certain operations and has caused some of our information systems to be offline,” read a notice last week on the city’s website.
While it initiated its IT response and containment protocols, the city quickly learned it had been “the victim of a cyberattack involving ransomware.”
Bardstown mayor Dick Heaton addressed the attack in a press conference last week but didn’t disclose the origins of the threat actors. Details about the ransom demands were also withheld, with Heaton refusing to say whether the city will pay the hackers to obtain a decryption key.
“Our investigation into the scope of the cyberattack is ongoing,” said Heaton. “We will provide prompt updates as we learn more.”
The city plans to inform citizens directly if the investigation concludes that any personal or identifiable information has been compromised. It also looks to provide citizens with details on how to protect themselves against fraud and other malicious attacks (like social engineering attacks).
Currently, the city has restored all Bardstown Connect customer email accounts it hosted and brought back internet services for “a vast majority of impacted residents.”
“Out of an abundance of caution, it is always advisable when incidents of this nature occur to remain vigilant by reviewing your credit reports and account statements and reporting any unusual activity,” the city said in its statement.
Bardstown Connect email users were also instructed to update their email passwords in order to regain access.
“We have no reason to believe personal computers of our customers were affected by this network disruption,” the city added.