Winston-Salem, North Carolina, residents are not able to pay their utility bills online after a post-Christmas cyberattack knocked the city’s systems offline.
City officials initially announced a cyberattack on December 30, telling residents that they discovered issues with their digital platforms one day after Christmas.
“We are working diligently to investigate the source of the event with state and local agencies to confirm any impact to city systems and restore full functionality as quickly and securely as possible,” the city said. The message was still appearing Thursday as a banner on the city website.
“Out of an abundance of caution, certain city computer systems have been taken offline. However, there have been no disruptions to fire and police abilities to respond to calls,” the city said.
Although Winston-Salem was forced to take down all the digital payment systems for water and electricity bills, officials reiterated that there will be no service interruptions or late penalties charged to accounts. Residents can still pay in person with cash or checks.
A list of phone numbers were provided to residents who need to contact departments directly with specific issues.
Winston-Salem’s government has not provided an update since the December 30 message and did not respond to requests for comment. The city has about 250,000 residents, and its utility system also serves surrounding Forsyth County.
The incident is taking place at a particularly inopportune time as city officials are trying to communicate with residents about severe weather and freezing temperatures causing issues with roadways and sanitation.
In 2023 there were several attacks on counties and cities in North Carolina that disrupted resident services and caused delays.
According to local news outlet WFDD, Winston-Salem City Manager Pat Pate told the city council this week that “almost all the other major cities in North Carolina have been hit with an event similar to this in the past several years, some of them in the past year.”
Pate added that officials do not know when services will be restored but noted that federal agencies and the North Carolina National Guard are involved in the response effort.
North Carolina was the first state in the U.S. to ban government entities from paying ransoms connected to cyberattacks. The 2022 law also requires all agencies to immediately notify the North Carolina Department of Information Technology (NCDIT) in the event of a ransomware attack, which is tasked with responding to the incidents.
The attack on Winston-Salem capped a 2024 that saw dozens of damaging ransomware attacks on municipalities across the U.S. — including incidents affecting large cities like Columbus, Ohio and Hoboken, New Jersey.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.
