IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Cyber Attacks Hit in Massachusetts and South Carolina

Lowell, which is Massachusetts’ fifth largest city, discovered a cyber intrusion early last week, and its response saw many city systems taken offline. Meanwhile, Spartanburg County, S.C., was struck by ransomware, too.

A hacking concept image of red exclamation mark over an infected network.
Shutterstock/Chor muang
Cyber attacks continue battering local government, with two East Coast communities among the latest victims.

Spartanburg County, S.C., — a community of roughly 327,000 residents — suffered a ransomware attack last week, according to The Record. Essential services like 911 and emergency communications remained intact, a spokesperson told the publication. As of April 28, law enforcement was working on investigation and recovery, and the city had hired a cybersecurity firm.

“The county’s IT Department and our cybersecurity and forensic team continue working to test and recover impacted systems,” county spokesperson Kay Blackwell told the paper.

In a notice on its website Friday, the county said “some computer system issues” were impacting many phone numbers and posted a list of alternate numbers to use. These included contacts like the sheriff’s office, traffic court and veterans' affairs, among others.
Spartanburg, SC website "news flash" post listing alternate contacts for county departments and explaining that computer system issues are affecting normal phone lines.
Notice on Spartanburg's website

While Spartanburg’s week capped off with a cyber attack, the week began with one for Lowell, Mass., which is the fourth largest city in Massachusetts, with nearly 109,000 residents.

CIO Miran Fernandez discovered signs of a breach around 2 a.m. Monday, April 24, and his department responded by shutting down the system, per the Lowell Sun. City Manager Tom Golden credited that quick response with preventing data theft, but said the city would need to rebuild its system.

When the city’s Management Information Systems Department (MIS) detected the issue impacting several systems on Monday, it “determined that the best course of action was to segment and isolate systems in order to help troubleshoot them further,” Lowell explained in an April 25 post on its website. “Servers, networks, phones and other systems throughout the city became inaccessible as MIS focused on protecting the city's technology and data assets.”

“911, fire and emergency phones were not impacted,” the city added.

Lowell hasn’t specified the type of attack impacting it, instead referring to the event only as a “cyber-related incident.” The city said it was working with law enforcement and investigating the extent of the impact.

“MIS is following industry best practices and developing a response plan to address the issue and, out of an abundance of caution, will keep all systems offline while working diligently to secure and restore services safely,” Lowell posted.
Online notice on Lowell website explaining a network disruption had struck
Notice on Lowell city website updating residents on the cyber attack
Constituents were advised to expect delays when engaging with the city.

During the disruption, residents would be able to continue making a variety of online payments, but their accounts might not update to show they’d successfully paid, the city said:

“Payments for real estate, personal property, motor vehicle excise, water utility, vital records, burial permits, cemetery lot purchases, and other services are still being accepted through the city's online Invoice Cloud payment system. However, payments may not be immediately reflected against payments due online.”

Phone services were back up and running at city hall as of Thursday, the city said in an update, while work continued to revive phones at other city locations. Multiple state and federal agencies were helping with the investigation.