CLEARFIELD, Utah, July 21, 2021 (Gephardt Daily) — Clearfield officials have sent letters to residents after a recent data breach impacted the city.
The Mayor of Clearfield, Mark Shepherd, issued the following statement:
“As the information regarding our recent ransomware attack has become public, and questions have justifiably arisen as to why you were not informed about the data breach, I want to just take a moment and get this on the record for you.”
The letter goes on to say that on Sunday, July 11, at approximately 2 a.m., Clearfield IT personnel detected what they suspected to be a potential security breach of the city’s systems. In response to this concern, they immediately began shutting down all systems in hopes of preventing access to additional systems.
“As we look back 10 days later, after what are still ongoing investigations and negotiations, it is evident that their quick response prevented this event from becoming an absolute disaster,” the letter continues.
“Knowing that our residents financial data was not compromised is one of the reasons we did not bring this to the public’s attention sooner. In fact, we, along with our legal team, investigators, and insurance company, would have preferred not to have come forward with it yesterday.
“We are still in the middle of a negotiation with those whom the investigators refer to as ‘actors.’ I prefer to call them pirates, terrorists or simply thieves. When you are in the process of negotiating, the last thing you want is to show your cards or show weakness. Allowing the actors to believe they hold all the cards, and that they hold data which is valuable to us while we verify what data they actually have and what systems they accessed is a crucial part of the negotiations. The last thing we want them to do is stop negotiating and simply start demanding.”
The letter goes on to say that as the investigation is ongoing, officials cannot go into details of where and how the breach occurred other than to say the city has now made changes to attempt a breach happening in the future.
“What I can tell you is that we do not store our residents’ financial information on our servers,” the letter goes on. “Payments are run through outside sources, not internally, and those services were not compromised.
“As we continue to work through the investigation, we are still trying to determine what data these actors may have. While they do not have financial information from our residents, it is still possible they have information from our personnel files, police records (most of which are already public records) and such, but the further our investigators dig, the more hopeful we are that this is not the case. Our insurance provider will provide data/credit monitoring for those people whose information may have been compromised if that need arises. For now, we are more and more hopeful each day that our data is intact and that our IT department reacted quickly enough to prevent the situation from becoming worse.”