Long Beach, Calif., is still dealing with the fallout of a network security incident that allowed an “unauthorized party” to acquire city data – and, potentially, individuals’ personal data – according to a press release.
It said that the city is “working with third-party cybersecurity professionals to determine the nature and scope of data that was taken,” including whether personal information (such as Social Security numbers) was accessed or acquired.
“We deeply understand and regret the angst caused by cyber security incidents on our residents, customers and employees and know how concerned our stakeholders are about the possibility of personal information being accessed,” said City Manager Tom Modica. “We as a City are fully committed to following established best practices for identifying affected individuals and providing support during this difficult time.”
Per the U.S. Census Bureau, Long Beach had an estimated population of 451,307 as of July 1.
“Should the City determine personal information was compromised, the City will notify any affected individuals via U.S. mail as soon as reasonably possible,” said the press release. “Further, should the City discover that individuals’ Social Security number was accessed and/or acquired, the City will provide credit monitoring services and other support to those individuals. This process of identifying specific individuals’ sensitive information is incredibly detailed and will likely take many weeks to complete.”
Ever since the incident occurred on Nov. 14, the city has been working on recovery, investigating the incident, improving security, helping staff and providing information to the public.
Part of the recovery process included taking certain systems offline to secure the network.
“Taking systems offline is a very tedious and extensive undertaking, as is the case with the mitigation efforts, and securely restoring systems and bringing them back online. A large contingent of City staff from the Department of Technology and Innovation (TID), have been working tirelessly since the incident occurred on the multitude of tasks, including those associated with properly bringing systems back online,” said the city.
In its press release, Long Beach noted that approximately 80 local governments have been the victims of cyberattacks this year. Just this week, Audacy station WWJ Newsradio reported that around 1 million Michigan residents were impacted by a cyber security breach discovered at Welltok Inc., a healthcare software-as-a-service company contracted by Corewell Health.
As of Monday, Long Beach had restored most of its internet connections, network and systems, including the main website. However, the process of restoring all connections and systems continued as of Wednesday. Long Beach said it expected the few remaining services to be available within a few days.
So far there have not been any major service disruptions.
“Certain systems like Utilities bill payment processing and digital amenities offered by Long Beach Public Library continue to be worked on. Utility billing late fees and shutoffs for non-payment continue to be suspended during this time,” said the city. “The City will continue to provide regular updates on these services as appropriate. Once all City systems and services are back online, there will likely be some backlogs and catch-up processes required to return to normal operations.”
While there is a possibility that individuals’ information was acquired in the breach, Long Beach said a forensic investigation found no evidence of encryption activity (also known as ransomware) in the network.
“This has been an unprecedented event for our City organization that we are taking very seriously, however I am incredibly proud of our response efforts thus far,” said Mayor Rex Richardson. “While most of our systems are now restored, the incident investigation remains ongoing. The recovery process may take time, but we remain steadfast in our dedication to restoring normalcy and ensuring the safety and security of our network, systems and our community. As a top 10 digital city, Number 1 for three years straight, our technology teams know how to provide excellent service as well as how to respond when systems come under attack.”
Further security investments were approved in the city’s FY 24 budget and other cybersecurity measures have been taken on by the city, said the press release. Anyone with questions should call 562-570-INFO (4636) from 8 a.m. to 5 p.m. on weekdays, excluding City holidays, for up-to-date information.