The officials of Mobile County in southwest Alabama, have finally notified county employees of a computer system breach that compromised employee data along with other sensitive information.
Two months ago in May 2021, the County officials discovered malware affecting certain systems. In order to contain the matter and securely restore the systems, officials were forced to shut down the computer system for about three days.
The county commission said in a statement issued for employees: “As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the activity. Once the forensic specialists confirmed that our network was secure, we safely
restored our systems.”
“Although our investigation is ongoing, we have determined that certain computer systems were subject to unauthorized access on May 24, 2021. Through the forensics process, we learned on July 1, 2021, that employee information was at risk. This information includes: name, date of birth and Social Security number. On July 13, 2021 we learned that the health insurance contract number for employees subscribed to receive health coverage, and routing number for employees enrolled in direct deposit with Mobile County, were also at risk.”
“Given this news we are providing Mobile County employees with notice and information about credit and identity protection. Mobile County and specialists continue to review the remaining contents of the affected systems to determine what, if any, sensitive information regarding other parties was contained within these systems. As we confirm other potentially affected data, we will provide notice to the impacted population.”
“In the meantime, Mobile County is also taking steps to implement additional safeguards and review policies and procedures relating to data privacy and security. We understand that you may have questions regarding this incident. To ensure your questions are answered in a timely manner, please call the dedicated assistance line at (855) 545-2006, Monday through Friday, 8 a.m. to 5:30 p.m. CST (except U.S. holidays) or for direct contact to Mobile County regarding this event please reach out to PrivacyEvent@mobilecountyal.gov,” the statement read.
Cyber attacks on local governments in Alabama are not unheard of. In late May 2020, the city of Florence in the northwest corner of Alabama, paid over a quarter of a million dollars to the DoppelPaymer ransomware gang to recover data encrypted in a ransomware attack. The extortionists initially demanded 39 Bitcoin ($378,000), but an outside security firm hired by the city had negotiated the price down to 30 Bitcoin ($291,000).
The Florence City Council voted unanimously at an emergency meeting to pay the ransom from the city’s insurance fund, in order to secure information tied to its city workers and customers.
“We’re having to approach it from the standpoint that we’re going to have to assume—we know they have some of our information, we don’t know that they have our critical information, frankly don’t think they do but we don’t know,” Steve Holt, Mayor of Florence said.