Clickability tracking pixel

Cyberattack on Pennsylvania County Tallies $600K Cost

The cost of repairing damages related to the cyberattack that crippled the Luzerne County, Pa., computer network in May 2019 has now topped $600,000, according to county Manager David Pedri.

by Eric Mark, The Citizens' Voice / January 8, 2020
Shutterstock/Timofeev Vladimir

(TNS) — The cost of repairing damage from the cyberattack that crippled the Luzerne County, Pa., computer network in May 2019 has topped $600,000, according to county Manager David Pedri.

However, county officials hope the entire amount, apart from a $10,000 deductible, will be covered by the county’s cyber-risk insurance policy, Pedri said Monday. He said he is waiting to hear from the county’s insurance provider, Travelers Insurance Companies, to see if all costs will be covered. Those costs include overtime paid to county employees during the recovery from the cyberattack, as well as fees paid to outside cybersecurity firms and consultants.

The one remaining issue concerns the county assessment database, which was effectively shut down by the attack that was discovered over the Memorial Day weekend, Pedri said.

The database contains information, including assessed values, about nearly all of the more than 167,000 properties in the county.

After months of work to regain access to the database, the one problem left is restoring information that was lost during and soon after the cyberattack, Pedri said.

The issue will only impact the spring billing for about 400 property owners who built a new home, subdivision or addition on their property while the database was down, according to Pedri. Those property owners will receive an additional bill, as well as a notice explaining the problem, he said.

“We will deal with them on a case-to-case basis,” Pedri said, noting those cases represent much less than 1% of properties in the county.

The issue should be fully rectified by the time school district property tax bills get sent out in June and July, he said.

The county is in better shape to prevent another cyberattack than it was one year ago, according to Pedri.

All county employees have received mandatory training in cybersecurity measures, and a new position in the county’s Information Technology department — the only new position county council approved for this year — has been posted and advertised, he said.

Pedri reiterated that the county did not pay any form of ransom to regain access to its computer network.

He said that in hindsight, he should have provided more frequent updates to the public and the media about the status of the county computer network as recovery from the cyberattack progressed.

©2020 The Citizens' Voice (Wilkes-Barre, Pa.). Distributed by Tribune Content Agency, LLC.

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

Platforms & Programs