The city of Stoughton was working to get its email system back online Thursday nearly a week after officials there noticed suspicious activity in its information technology network and shut it down to prevent any more harm.
A.J. Gillingham, who leads human resources and risk management for the city of about 13,000 people 19 miles south of Madison, said the system was “compromised,” but no employee information, resident tax information or other personal data was lost.
“We are positive that nothing left our system,” she said.
She said officials were trying to determine exactly what happened but that so far it doesn’t appear to have been a ransomware attack, in which hackers take control of a user’s data, folders or devices and demand payment to relinquish them. She said the city has not received any demand for ransom.
The city discovered the attack on Friday. It was able to get its phone system up and working by Wednesday morning. The city’s emergency dispatch system was affected, but service was not interrupted because the city rerouted calls to the Dane County 911 center in Madison.
Wisconsin Department of Administration spokesperson Molly Vidal said the agency’s Division of Enterprise Technology has seen “an increase in phishing attempts, ransomware attacks and credential stuffing” among private and public IT systems. Credential stuffing is when stolen usernames and email addresses and their corresponding passwords are used to break into networks.
PHOTOS: STOUGHTON 48, MADISON EDGEWOOD 33