October 7, 2022
A ransomware attack of unknown origin last week cut off internet services in Bardstown, in the US state of Kentucky. As it determines whether hackers made off with citizens’ data, the city is advising residents to change email passwords and monitor bank statements.Bardstown, a small, historic community of about 12,000 citizens, was unaware what hit…

A ransomware attack of unknown origin last week cut off internet services in Bardstown, in the US state of Kentucky. As it determines whether hackers made off with citizens’ data, the city is advising residents to change email passwords and monitor bank statements.

Bardstown, a small, historic community of about 12,000 citizens, was unaware what hit it just before Labor Day when city services went down, along with internet access.

“In the early morning of Friday, September 2, 2022, the City of Bardstown IT team identified a network disruption that impacted certain operations and has caused some of our information systems to be offline,” according to a notice on the city’s website.

As it initiated its IT response and containment protocols, the city soon learned it had been “the victim of a cyberattack involving ransomware.”

Mayor Dick Heaton addressed the attack in press conference Thursday, but refrained from disclosing the hackers’ origins. Details about the ransom demands were also held back, with Heaton refusing to say whether the city will pay the hackers to get a decryption key.

“Our investigation into the scope of the cyberattack is ongoing,” Heaton said. “We will provide prompt updates as we learn more.”

If the investigation concludes that any personal or identifiable information has been compromised, the city plans to inform affected citizens directly, with details on how to protect themselves against fraud and other kinds of malice (i.e. social engineering attacks).

So far, the city has restored all Bardstown Connect customer email accounts it hosted and brought back internet services for “a vast majority of impacted residents.”

“Out of an abundance of caution, it is always advisable when incidents of this nature occur to remain vigilant by reviewing your credit reports and account statements and reporting any unusual activity,” the city said.

Bardstown Connect email users are instructed to update their email passwords to regain access.

“We have no reason to believe personal computers of our customers were affected by this network disruption,” the city maintains.

Bardstown officials say they will reimburse customers whose internet service was interrupted for more than 24 hours for the period of lost service.

Source