LAFAYETTE, Colo. — The City of Lafayette paid $45,000 to a hacker or a group of hackers who were holding the city’s data hostage, the city announced Tuesday in a news release.
The city said it detected the attack just before 7 a.m. July 27 and immediately began efforts to contain the malware. The Boulder Office of Emergency Management and the State Office of Information Technology assisted the city in trying to contain the attack.
The ransomware cyberattack disrupted Lafayette’s phone service, email, and online payment and reservation systems. Emergency services, like 911, were not affected, the city said.
The city said personal credit card information was not compromised, and there is no evidence to suggest personal data was taken. However, out of an abundance of caution, residents and employees are advised to be vigilant to monitor accounts for suspicious activity.
The decision to pay the $45,000 ransomware to untangle themselves came after a cost/benefit scenario of rebuilding the city’s data versus paying the ransom. The ransom option far outweighed attempting to rebuild, the city said in the release.
“I can tell you that using taxpayer funds to pay a ransom was definitely not the direction the city wanted to take,” said Lafayette Mayor Jamie Harkins in a videotaped statement. “We attempted to pursue in any possible avenue to avoid paying the ransom.”
The ransom was paid this past weekend and the city received a key to unlock their systems.
“Staff has begun the slow and arduous process to now restore encrypted data and backups and allow city business to return to normalcy as soon as possible,” said Harkins.
The city said it is taking steps to prevent another attack. They are installing crypto-safe backups, deploying additional cybersecurity systems, and implementing regular vulnerability assessments.
The person or group responsible have not been identified.
Targeted ransomware attacks on local US government entities — cities, police stations and schools — are on the rise. Criminal hackers have targeted other Colorado municipalities and agencies in the past. The Colorado Department of Transportation was hacked in 2018 and their system held hostage by hackers who asked for Bitcoin in return for the hijacked files. It’s unclear if a ransom was paid.