City of Huber Heights Targeted by Ransomware Attack Sunday
Table of Contents
- By Steven
- Published: Nov 14, 2023
- Last Updated: Nov 15, 2023
The City of Huber Heights is in east Ohio, north of Dayton. The suburban area has a population of around 50,000, but other populated areas are nearby. Sunday morning, November 12th, 2023, the City of Huber Heights was subject to a ransomware attack; the investigation is ongoing, as the attack disrupted many City divisions.
How Did the Attack Occur?
There is no public information about how the attack happened, but this should change soon. The ransomware is presumably well-developed, as the City’s Media Release expects disruptions to continue throughout the week. The Release further states that while the attack did not influence the public safety sector, it did disrupt other City divisions. Zoning, Engineering, Tax, Finance, Utilities, Human Resources, and Economic Development were all potentially breached. The City website may have also felt the impact, as their utility online payment options are unavailable.
What Information Was Viewed or Stolen?
The data targeted in this breach is unknown as of this writing. However, we can gather some insight from what is public. The Media Release, for example, states that if anyone has exposed information, the City will subsequently notify them; this implies the attack might include resident information, but they may not be sure of whose or to what extent. Presumably, the warning is vague because ransomware encryptions embattle their cyber security defenses. They cannot see who or what was exposed because they don’t have complete control over the system.
How Did the City of Huber Heights Admit to the Breach?
The attack on Huber Heights happened at 8:13 a.m. on Sunday, November 12th. Presumably, widespread disruptions began around this time, with the City immediately reacting. They have reportedly isolated the attack but have not yet gained control. On November 13th, they released a limited update, answering some community questions. They note that not all City services are operable. However, they are working towards restoration.
What Will Become of the Stolen Information?
Almost everything about this attack remains unknown. The assailant’s goals may have various factors, none of which are in the official statements. If the attacker aimed only to extort the systems, the area residents may not have to worry about direct impacts. Conversely, if the assailants created the attack with prolonged profit in mind, residents may have more to worry about. Like the State of Maine’s recent breach, any resident associated with the local government may be at risk. Ultimately, impacted parties will know—the City has promised a notification.
What Should Affected Parties Do in the Aftermath of the Breach?
Regardless of who feels the impact—residents, businesses, or the City itself—everyone in the area should take precautions. Even if the City complied with the alleged ransom demands, there’s no way to guarantee the bad actors wouldn’t leak the data. Those who believe this breach will impact them should take immediate action. No one needs to wait for an individual breach notice to begin protecting their information. Monitor accounts closely for suspicious activity and report anything strange. Also, update all passwords and devices for maximum protection.
