The Town of Apex in North Carolina said it successfully recovered the personal information of more than 22,000 individuals that hackers stole from its network during a ransomware attack between June and July 2024.
The Town of Apex said in a data breach notification filed with the Office of the Attorney General of Maine that the ransomware attack occurred between June 23, 2024 and July 2, 2024, during which time hackers successfully exfiltrated the personal information of 22,601 individuals from its computer network.
The Town, located in Wake and Chatham counties in North Carolina and hosting a population of about 60,000 people, said that following the ransomware attack, it immediately contacted the FBI and the federal agency’s investigation found that the hackers had uploaded the stolen data on a cloud storage server.
The Town then petitioned the Wake County Superior Court and obtained a temporary Restraining Order in October 2024 to make the cloud storage provider, Bublup, Inc., give it full and unrestricted access to the database that contained the stolen data, and promptly recovered all the data.
“Since the time that the Town’s data was returned, we have worked continuously to identify the individuals impacted by the Incident in order to notify them as quickly as possible. This included working with a trusted third-party data analytics team as we conducted an in-depth review of the impacted data,” the Town said.
“When public data is targeted by criminal actors, we must have clear pathways to recover it quickly,” said Apex Town Manager Randy Vosburg. “We saw the opportunity, and we hope that taking decisive legal action in this case will allow other local governments to also take a stand for the privacy rights of their residents.”
The Town said that following the cyber attack, it quickly implemented measures to enhance the security of its systems, strengthened authentication controls, and enhanced endpoint detection and response capabilities.
“We continue to make security a priority, including regularly monitoring for potential security threats and managing access to our systems. Additionally, we continue to work with leading privacy and security firms and have reported this Incident to relevant government agencies,” it added.
Click Here For The Original Source.
