The City of Cleveland, Ohio, has been hit by a cyberattack that has closed City Hall and other offices, but the city says essential services remain operational.
The city hasnβt revealed the nature of the incident, but the Cleveland cyberattack is one of the highest-profile ones to date affecting a major U.S. municipality.
In a recent update on X, the city said it is βstill investigating the nature and scope of the incident. The City is collaborating with several key partners who provide expert knowledge and deep experience in this work.β
Cleveland Essential Services Functioning
City Hall and offices at Erieview Plaza are closed to the public and non-essential employees, but the city sought to reassure residents that key services and
data remain safe.
Emergency services, such as 911, Police, Fire, and EMS are operational, along with other essential services such as water, pollution control, power services, ports and airports.
The update said that βcertain City data is confirmed to be unaffected, including:
- Taxpayer information held by the CCA.
- Customer information held by Public Utilities.β
That still leaves other data sources that could be affected, however, such as city employeesβ personal data.
In its initial announcement on X, the city said, βWe have shut down affected systems to secure and restore services. Emergency services and utilities are not affected. Updates will be provided as available.β
The city hasnβt said whether the incident is ransomware or another
cyber attack type, but that will presumably be revealed in later updates.
Cleveland itself is home to 362,000 residents, while the surrounding metropolitan area has a population of more than 2 million.
Cleveland Cyberattack Follows Wichita Ransomware; Healthcare Network Hit
Cleveland isnβt the biggest U.S. city to be hobbled by a
cyber attack, as at least a few bigger cities have been hit by cyber incidents.
The 394,000-resident
city of Wichita, Kansas was hit by a ransomware attack last month in an attack linked to the
LockBit ransomware group, but Baltimore was perhaps the biggest U.S. city hit by a cyberattack in a crippling
2019 incident that closely followed an Atlanta cyberattack.
All of that pales in comparison to the U.S. government, which got hit by more than 32,000 cybersecurity incidents in fiscal 2023, up 10% from fiscal 2022, according to a new White House
report on federal cybersecurity readiness.
Threat actors seemingly have no end of targets, as a healthcare network in Texas, Arkansas and Florida is also reporting recent cyber troubles that the BlackSuit
ransomware group is claiming responsibility for.
The Special Health Resources network posted a notice on its
website (copied below) that states, βWe are currently experiencing a network incident that has caused a temporary disruption to our phones and computer systems. During this time, we are STILL OPEN and ready to serve our patients and community!β
[caption id="attachment_76662" align="alignnone" width="750"]
Special Health Resources website notice[/caption]
If Special Healthβs troubles are linked to a cyberattack, they seem to have fared better than the damage sustained by
NHS London recently, as cyber attackers seemingly have abandoned long-standing pledges to avoid attacking healthcare systems.