Connecticut city of West Haven assessing impact of cyberattack

The government of West Haven, Connecticut, says it is investigating a cyberattack that recently forced it to temporarily shut down all of its IT systems. 

In an update on January 11, Mayor Dorinda Borer said “an IT system security incident” on an unspecified day had forced the shutdown. The city initially said in a Facebook post on December 26 that the government was “experiencing a network disruption.”

The city is still assessing what data might have been affected by the incident, the update said.

“As a result of the city’s established practices and general preparedness for a situation like this, the systems impacted by this incident were backed up in a manner that allowed for all systems to be operational within a few days,” the city said. 

The city of more than 50,000 residents near New Haven and Yale University did not respond to requests for comment about whether the incident was a ransomware attack. 

The statement from January 11 said more information will be released once the investigation has been completed. 

The attack was claimed by the Qilin ransomware group on January 11. The group drew international outrage last summer after it disrupted healthcare across London by attacking blood testing giant Synnovis. 

Sensitive healthcare data for nearly 1 million people was leaked after the attack and more than 1,100 operations were postponed due to the lack of Synnovis’ pathology services. Qilin actors allegedly demanded a $50 million ransom.

The gang emerged in 2022 as a ransomware-as-a-service operation and has targeted a variety of organizations across the U.S. and Europe. Cybersecurity experts infiltrated the group’s systems in 2023 and found ransom demands amounting to millions of dollars. 

Experts tracked at least 25 confirmed attacks by Qilin with more than 100 more unconfirmed incidents launched by the group’s hackers.

The attack on West Haven comes as several U.S. municipalities report holiday cyber incidents. Elsewhere in New England, the Massachusetts town of Bourne reported on January 11 that its IT network had been compromised.