Monmouth County, NJ township loses email for weeks after cyberattack
MIDDLETOWN — A cyberattack blocked access to this municipality's servers preventing access to government email for about three weeks.
Township Administrator Tony Mercantante in a statement said there is an “active criminal and forensic investigation” underway into the attack.
The statement did not disclose the origin of the cyberattack, how the township was able to get regain access to the server or if a ransom was paid.
An email sent from a township email address was received by New Jersey 101.5 on Wednesday afternoon.
Mercantante said some interruptions continued as the township is "carefully restoring its systems to ensure all data is safe and secure."
"Should it be determined that any confidential data retained by the Township was accessed, all necessary parties will be notified in accordance with the law," Mercantante said.
Mayor Tony Perry referred questions to Mercantante's statement.
Cyber attacks happen regularly in NJ
Other New Jersey municipalities and organizations have been the victims of cyberattacks and paid the price to regain access to their files.
After resorting to using paper files, Hackensack Meridian Health paid a ransom to hackers, citing a responsibility to protect the community's right to allow access to healthcare in 2019. Insurance covered the cost of ransom.
Wall public schools were crippled by a cyber attack in 2020 while the district was teaching classes online, according to an Asbury Park Press report.
A ransom of $150,000 was paid by Roselle in response to a cyberattack, according to the Press while Asbury Park public schools paid $49,000.
The U.S Department of Homeland Security tells organizations that are hit by ransomware to immediately reach out to the FBI and the Cybersecurity and Infrastructure Agency at this website.
According to the federal Department of Homeland Security, there are several ways to prevent a cyberattack:
- Limit personal information you share online. Change privacy settings and do not use location features.
- Keep software applications and operating systems up to date.
- Create strong passwords by using upper and lower case letters, numbers and special characters. Use a password manager and two methods of verification.
- Watch for suspicious activity that asks you to do something right away, offers something that sounds too good to be true or needs your personal information. Think before you click. When in doubt, do not click.
- Protect your home and/or business using a secure Internet connection and Wi-Fi network, and change passwords regularly.
- Check your account statements and credit reports regularly.
- Be cautious about sharing information about your bank account number, Social Security number, or credit card number. Only share personal information on secure sites that begin with https://. Do not use sites with invalid certificates.
- Use antivirus software, malware and firewalls to block threats.
- Do not click on links in texts or emails from people you don’t know.
Contact reporter Dan Alexander at Dan.Alexander@townsquaremedia.com or via Twitter @DanAlexanderNJ