Connecticut city of West Haven assessing impact of cyberattack

Avatar

The government of West Haven, Connecticut, says it is investigating a cyberattack that recently forced it to temporarily shut down all of its IT systems. 

In an update on January 11, Mayor Dorinda Borer said “an IT system security incident” on an unspecified day had forced the shutdown. The city initially said in a Facebook post on December 26 that the government was “experiencing a network disruption.”

The city is still assessing what data might have been affected by the incident, the update said.

“As a result of the city’s established practices and general preparedness for a situation like this, the systems impacted by this incident were backed up in a manner that allowed for all systems to be operational within a few days,” the city said. 

The city of more than 50,000 residents near New Haven and Yale University did not respond to requests for comment about whether the incident was a ransomware attack. 

The statement from January 11 said more information will be released once the investigation has been completed. 

The attack was claimed by the Qilin ransomware group on January 11. The group drew international outrage last summer after it disrupted healthcare across London by attacking blood testing giant Synnovis. 

Sensitive healthcare data for nearly 1 million people was leaked after the attack and more than 1,100 operations were postponed due to the lack of Synnovis’ pathology services. Qilin actors allegedly demanded a $50 million ransom.

The gang emerged in 2022 as a ransomware-as-a-service operation and has targeted a variety of organizations across the U.S. and Europe. Cybersecurity experts infiltrated the group’s systems in 2023 and found ransom demands amounting to millions of dollars. 

Experts tracked at least 25 confirmed attacks by Qilin with more than 100 more unconfirmed incidents launched by the group’s hackers.

The attack on West Haven comes as several U.S. municipalities report holiday cyber incidents. Elsewhere in New England, the Massachusetts town of Bourne reported on January 11 that its IT network had been compromised.

CybercrimeNewsNews BriefsGovernment
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Tennessee-based mortgage lender confirms December cyberattack

Next Post

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Related Posts

FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation

The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a "multi-month law enforcement operation." PlugX, also known as Korplug, is a remote access trojan (RAT) widely used by threat actors associated with the People's Republic of China (PRC
Avatar
Read More

Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below - CVE-2025-24085 (CVSS score: 7.3) - A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate
Avatar
Read More