Town computers ransomed

computer locked

This press release was issued by Kristine Trierweiler last night –

(508) 906-3011

For Immediate Release

On Monday, January 25, 2016 the Town of Medfield discovered a virus had infected the
computer network at the Medfield Town Hall. A computer hacker had gained access,
apparently through an infected email, to the Town’s network and launched a Cryptoware ransomware virus which then encrypted most of the Town Hall files. The hacker demanded a ransom from the town in exchange for unlocking the files.
The Town consulted with several other towns, law enforcement agencies, and the Town’s antivirus protection firm, all of whom have experience with similar attacks against other municipalities in the Commonwealth. After numerous attempts were made to unlock the Town’s files, it was determined paying the ransom was the most expedient option for the Town. The Cryptoware virus had infected the backup system as well.

On January 26, 2016 the Town of Medfield paid the ransom of one half a bitcoin,
equivalent to three hundred dollars ($300 USD), as directed by the hackers. Once the
ransom was paid, the hackers provided the Town with a software key to begin the process of unlocking the files.

This was not a data breach and no files were removed from the system. The School
Department information and records are stored on a different server and were not affected by the virus. Payroll and employee information is stored offsite with our payroll vender.

The Town’s computer system was down until Monday, February 1, 2016 and the Town is still in the process rebuilding some areas of the network. In addition to unlocking the files, the Town’s IT department has been working around the clock to ensure future threats to the network have been diminished. The Town is removing all mapped drives, further restricting access to USB drives and taking additional measures.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s