MOUNT VERNON – The city of Mount Vernon suffered a data breach on Dec. 19 when ransomware was installed by an intruder, though it does not believe any personally identifiable information was removed or accessed.
The breach occurred through a remote access tool used by Mount Vernon’s information technology provider, according to a press release issued Tuesday. The ransomware Lockbit was installed with a request for ransom to access certain files.
Mount Vernon’s municipal court, the police department, auditor’s office and public works were affected.
Other clients of the IT provider were also affected.
The IT provider and the city spent the days since the breach working to restore systems by using backup data. The vulnerable software has been removed from all systems, the release reported.
“At this time, the city does not believe that any documents with personally identifiable information (PII) have been removed, or accessed, from city systems,” according to the release from city spokesperson Todd Hill.
The city continues to work with its insurance provider for an independent evaluation to be conducted of the breach to ensure that no PII has been stolen.
The public will be updated as new information is received. If necessary, anyone whose personal information has been accessed will be notified.
