The City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.
At the beginning of the month, Independence suffered a ransomware attack that forced them to shut down their IT system as they recovered from the attack.
"The City of Independence recently experienced an event that resulted in technical difficulties and disruption to multiple services. It appears that these disruptions are the result of a ransomware event that was discovered and stopped before it could infect the full City network," City of Independence City Manager Zach Walker disclosed in a statement.
Walker further stated that they are performing full system scans and restoring encrypted machines from available backups. The recovery process is causing further disruption to city services, including sending utility bills and online payments.
"In order to protect the integrity of our systems, when we started noticing some malicious activity, we took all of our systems offline," Walker told KSHB Kansas City. "One of the systems that was compromised when we voluntarily took it off of line was the utility billing system."
Due to their systems' issues, the City will not be charging late fees for missed payments due to the ransomware attack.
If you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal at +16469613731 or on Wire at @lawrenceabrams-bc.
Walker states that they are still investigating whether the attackers stole the City's data, including residents' and employees' data.
Unfortunately, most ransomware gangs now steal unencrypted files before the threat actors deploy the ransomware. These files are then used in double-extortion strategies, where the ransomware gangs threaten to release the files on a data leak site if a ransom is not paid.
Threat actors have told BleepingComputer that victims are commonly more concerned about the stolen data being leaked than the loss of encrypted files.
No ransomware operation has claimed credit for the attack at this time.