Second Ontario municipality reports cybersecurity incident within three weeks

Click to play video: 'Still no timeline for Hamilton service return following cyberattack'
Still no timeline for Hamilton service return following cyberattack
More than two weeks after a ransomware attack, the City of Hamilton remains unable to give a timeline for when services will resume. While officials said there doesn’t appear to be a breach of personal information, one expert told Global News that residents should still keep a close eye on their personal accounts. Matthew Bingley reports – Mar 11, 2024

A town in Ontario’s Muskoka region has become the latest municipality to be hit by a cyberattack.

The Town of Huntsville said its municipal office would remain closed for a second day Tuesday and some municipal meetings were being rescheduled as specialists investigate a “cybersecurity issue” that came to light over the weekend.

The town said it currently has no evidence that any sensitive data, including personal information, has been compromised.

“Upon discovering this incident, we initiated our incident response protocol and we took immediate steps to secure our network against further unauthorized activity,” it wrote.

“The investigation, led by the cybersecurity specialists the town has engaged, is currently ongoing.”

The town said the precautionary measures taken have affected some of the municipality’s online services and systems.

Story continues below advertisement

Some municipal and council email addresses have been affected but customer service representatives are available by phone. Huntsville’s library was shut down on Monday but was expected to be open Tuesday. Several municipal meetings have been rescheduled.

Breaking news from Canada and around the world sent to your email, as it happens.

“The town is committed to being as transparent as possible regarding this incident and its implications for our community,” the municipality wrote.

Huntsville is the latest Ontario municipality to report a cybersecurity incident in recent weeks.

Officials in Hamilton said last week that they have engaged experts, insurers, lawyers and others in their efforts to completely restore the city’s systems following a Feb. 25 attack.

Systems used for online payments or licence applications have been affected in Hamilton, and municipal staff are processing routine transactions manually or accepting cash wherever possible. An investigation is also underway to determine if any personal information was accessed or compromised.

The Hamilton cyberattack came after similar attacks on two city-owned institutions in Toronto: the public library and the zoo, two incidents that exposed sensitive employee information.

Charles Finlay, executive director of Toronto Metropolitan University’s Rogers Cybersecure Catalyst, has said the breaches are an example of the seriousness of such cyberattacks, which have increasingly targeted municipalities in recent years.

Finlay said every municipality needs to establish a plan to respond to that kind of crisis, adding it’s not a question of if they’ll be attacked, but when.

Story continues below advertisement

The Association of Municipalities of Ontario has been urging members to approach cybersecurity policies and protocol as an “expansion to emergency preparedness,” saying municipalities should conduct risk assessments and address weaknesses in their systems.

The organization is holding a cybersecurity workshop for municipalities in partnership with the Rogers Cybersecure Catalyst later this month.

With files from Paola Loriggio

Sponsored content