Posted by: Heather Shy on April 12, 2019 at 8:00 am
Genesee County faces a nightmare — the loss of hundreds of thousands of vital birth and death records after a ransomware attack.
Put yourself in their shoes: Could your business afford to go without email for parts of 4 business days? How long could you stand entire departments shutting down? What would you do if a key employee spoke out about your lack of data security — and had evidence to back that claim?
On Tuesday, April 2, the Genesee County Board of Commissioners announced the attack via Facebook post.
The post described a typical ransomware attack: the scammers encrypted files and demanded payment to release them. It’s possible that the criminals were aware of the value of the files, since they demanded $4 million dollars in payment.
Does your business have an extra $4 million laying around for ransomware payouts?
Needless to say, neither does Genesee County. Instead, their IT team stopped the attack and prevented further encryption. They are working to restore files from backups.
Vital Records and Systems Threatened
However, the attack shut down email for county employees until Friday, April 5. While their IT department continues working, as of Tuesday, April 9, they were not yet able to restore files in the County Clerk’s office. This office handles thousands of birth and death records, as well as other vital documents. So, even though the hackers were not able to steal the data, Genesee County residents may not have access to it either.
John Gleason, Genesee County Clerk, said the clerk’s system had not been updated since 2000. He also indicated that the data affected in his department was not protected by a firewall. He is outspoken about the lack of data security in the county, even filing lawsuits in 2013 and 2016 over budget deficits for his department.
Never Too Early to Review Network Security
When was the last time an expert reviewed your business security? TAZ Networks has business security solutions for almost any budget. Call us today for a cybersecurity review, so you can prevent ransomware data loss.