ELLSWORTH — The City of Ellsworth announced Wednesday that it had fallen victim to a ransomware attack.
According to the city's social media page, the city detected unauthorized activity on its network June 2. It was confirmed as a ransomware attack.
In response, the City took its systems offline to contain the threat and protect against any other potential malicious activity. In addition, the City notified federal law enforcement and it is working with them and computer forensics experts to thoroughly investigate and remediate this issue.
The incident has not caused any stoppage in City services to residents, but its internal operations have been limited this week during the recovery efforts.
“Please know that we are giving this our undivided attention and are doing everything we can to restore our systems and resume normal operations as quickly as safely possible,” said Mayor Daniel Finnegan. The City currently estimates that its main server at City Hall will be restored and operational in the next one to two days. In addition, the City is deploying an endpoint detection and response program that will provide continuous monitoring and alerts of any suspicious or potentially malicious activity on its network.
At this time, the City has not determined if any personal information was accessed or acquired in connection with this incident. However, it is continuing to investigate and notify residents and provide updates as it learns more. In the meantime, please refer to the City’s website at www.ellsworthks.net where the City will be posting updates and additional details during the course of its investigation. Additionally, if anyone has other questions, they may contact John Deardoff, the interim City Administrator, at 785-472-5566.