Joplin ransomware attack revealed customer information |

The personal and banking information of some city utility customers was accessible to cybersecurity terrorists who hacked into the Joplin city government computer and phones in July.

Affected customers are now being notified by letter that city officials have recently learned their information has been compromised, according to a city statement released Friday.

The system intrusion that occurred between July 2 and July 6 last year encrypted city data and records, blocked access to information stored in the system and temporarily disabled the phone system from the city.

A city insurer paid a $320,000 ransom demand intended to prevent the disclosure of any personal information the hackers obtained from the system.

City officials said after the incident was discovered that information about who had the city’s sewer and garbage services was not at risk. They said at the time that it was confirmed that the third-party service that processes utility payments was not part of the cybersecurity attack and that the city was not storing payment information in the city’s network. city.

The statement on Friday said information stored on city computers with the names and banking information of Joplin and Duquesne customers who paid by check between 2013 and 2021 was compromised, although that did not include people. who used the third-party service to pay online. or paid in cash.

Asked in an email for an explanation of the conflicting information regarding the possible compromise of customer information, the city replied:

“After Joplin provided the initial statement on July 7, we continued our investigation into information that may have been involved in the incident, a process that took time. Although the third-party service that residents can use to make utility payments was not involved, we determined that information regarding sewer bill payments made by check was stored in our network and may have been involved in this incident. We do not store other residents’ utility payment information. »

The city recommends that residents review their account statements and free credit reports for any unauthorized activity. If suspicious transactions have occurred or will occur in the future, the Resident should report such activity to their police or Sheriff’s Department.

During the investigation of the cybersecurity breach, it was also determined that the files regarding the employee health plan were accessed by the system intruder or intruders.

These records were reviewed and letters were sent to these individuals on September 8, 2021. These records contained social security numbers and health insurance information for individuals covered by city health insurance from 2015 through 2020 .

As a result, the city provided free identity monitoring services to these people for one year to enjoy credit monitoring, fraud consultation and restoration of theft. identity.

When asked why these services were not provided to utility customers, the city responded through its public information officer, Lynn Onstot, that:

“The credit monitoring product is designed to notify you when someone opens a new credit account or files a false tax return using your information, which may occur with a social security number or license number. We provide these services free of charge to all health plan enrollees. However, this product does not alert you if or when fraudulent activity is occurring on a bank account. As a best practice, individuals (utility customers) should monitor their accounts for suspicious activity and report it to their bank or financial institution.

City officials have since put in place a $194,000 contract with a Kansas City cybersecurity firm to provide better protection for the city’s computer system and online functions.

City officials opened a dedicated call center to answer questions about the compromised information. This center can be reached from 8 a.m. to 5:30 p.m. Central Standard Time weekdays at 1-855-651-2613.