“Everybody affected will have four months to take advantage of that,’’ McKinney said.
Almost all of those affected are employees, and their family members for the past 10 years or so, said John Lewis, assistant township administrator. A handful may also be business owners.
Lewis said it is possible some of the information is posted on the dark web. So far, the township has not received any reports from employees of identity theft or other issues.
The ransomware incident began May 5 when township employees became suspicious after it became difficult to access email. For a short time, phone service – which goes through an app – was also compromised.
Most of the township’s phone, email, and electronic communication was up and running within about two weeks. The township has not paid any ransomware fees to anyone, Lewis said.
“We maintain several different layers of backups – it’s kind of good (practice),” Lewis said. “We ended up having to restore from a secondary backup.”
Lewis said township officials do not know who the attackers are or what kind of demands they made. All that information is part of an ongoing investigation by law enforcement officials.
“To the best of our knowledge it (attack) has stopped,” Lewis said.
The township is continuing to work through the incident with consultants and is cooperating with law enforcement.
The incident did not involve the Butler County Sheriff office’s substation located in the township administration building. It has a separate IT system, which wasn’t impacted.
About the Author