Advertisement

‘Too early’ to assess impact of cybersecurity breach, City of Hamilton says

Click to play video: '‘Too early’ to assess impact of cybersecurity breach, City of Hamilton says'
‘Too early’ to assess impact of cybersecurity breach, City of Hamilton says
City manager Marnie Cluckie thanked residents and partners 'for their patience' as IT staff continue to determine the magnitude of the widespread cybersecurity breach that began Feb. 25, 2024, affecting some municipal communications and services – Feb 27, 2024

The city of Hamilton says it’s “too early” to tell what type of information was accessed amid a “cybersecurity incident” that knocked out communications on Sunday, including crucial phone and email service.

In an update on Tuesday afternoon, city manager Marnie Cluckie thanked residents and partners “for their patience” as staff continued to determine the magnitude of the widespread outage that began Sunday, affecting services on Hamilton Street Railway buses and the public library.

“I want to assure residents that we are taking this matter very seriously and have engaged with a team of extremely talented cyber experts who are working on this in order to investigate, minimize impact and protect the community,” Cluckie said.

She confirmed that IT systems were disabled in the occurrence and that cybersecurity experts, insurers, legal counsel, and relevant authorities are still determining the scope of the breach.

Story continues below advertisement

Bus drivers were driving Monday morning without computerized schedules and the next-stop announcement system.

Hamilton Public Library’s system has also been inaccessible over the last two days with council committee meetings cancelled Tuesday due to issues.

However, city busses are still running, as are DARTs buses.

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.

Get daily National news

Get the day's top news, political, economic, and current affairs headlines, delivered to your inbox once a day.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

Routine transactions with the community are still ongoing and are being completed manually. That includes taxes which can be made through financial institutions or by visiting a municipal service centre.

Critical systems, like water and wastewater treatment and emergency services, were not affected and continue to be operational.

Story continues below advertisement

Cluckie had no specifics on the depth of public and community information accessed with a response to the breach continuing as of Tuesday afternoon.

She revealed that some “sandboxing” – the isolating of elements in the system – to make sure information isn’t going in or out in “a negative way.”

“There has been some programming impacted, but right now we’re compiling a consolidated list of that and updating our website on a regular basis,” she said.

City councilors will meet Wednesday morning in a closed-door session with city staff to discuss the scope of the cyber incident’s impact on city services and a plan going forward.

A pair of cybersecurity experts say the breach is the largest they know of among a dozen Canadian cities that have been hacked in the last decade.

Cybersecurity expert David Shipley told Global News the largest before Sunday was Saint John, N.B., in 2020 when city officials revealed their systems were targeted by ransomware.

“It went through an extraordinary amount of pain, with recovery efforts taking almost a year to get them back to where they were pre-incident and more than $3 million,” Shipley explained.

Terry Cutler, CEO of Psychology Labs and an international award-winning expert on the subject, said municipalities are typically vulnerable since they don’t have “the time, money or resources” to deal with cybersecurity.

Story continues below advertisement

Additionally, he said cities are at a disadvantage in battles between “hackers and defenders” since an individual infiltrating a system only needs one open doorway while IT staffers have to seal several.

“So a lot of times they don’t realize that they have their defences wide open because they don’t do enough cybersecurity audits,” Cutler said.

Sponsored content

AdChoices