ELLSWORTH - The City of Ellsworth announced today that it had fallen victim to a ransomware attack.
The following was posted on the City of Ellsworth Facebook page:
The City of Ellsworth is notifying residents that, on June 2, 2022, it detected unauthorized activity on its network, which has been confirmed as a ransomware attack. In response, the City took its systems offline to contain the threat and protect against any other potential malicious activity. In addition, the City notified federal law enforcement and it is working with them and computer forensics experts to thoroughly investigate and remediate this issue.
The incident has not caused any stoppage in City services to residents, but its internal operations have been limited this week during the recovery efforts.
“Please know that we are giving this our undivided attention and are doing everything we can to restore our systems and resume normal operations as quickly as safely possible,” said Mayor Daniel Finnegan. The City currently estimates that its main server at City Hall will be restored and operational in the next one to two days. In addition, the City is deploying an endpoint detection and response program that will provide continuous monitoring and alerts of any suspicious or potentially malicious activity on its network.
At this time, the City has not determined if any personal information was accessed or acquired in connection with this incident. However, it is continuing to investigate and notify residents and provide updates as it learns more. In the meantime, please refer to the City’s website at www.ellsworthks.net where the City will be posting updates and additional details during the course of its investigation. Additionally, if anyone has other questions, they may contact John Deardoff, the interim City Administrator, at 785-472-5566.