SUFFOLK, Va. — The Cybersecurity and Infrastructure Security Agency notified the City of Suffolk in late February that a malicious actor may have accessed and removed data from the city’s computer network, prompting an ongoing investigation and a broad public notification.
City officials said the alert came “on or about Feb. 25, 2026,” and triggered an immediate response involving internal staff and third-party cybersecurity experts to secure systems and assess potential damage.
According to the city, investigators determined that the threat actor attempted to deploy ransomware but was detected and stopped before the attack could be carried out.
“The investigation revealed that a threat actor attempted to deploy ransomware before City staff detected and shut down the unauthorized access,” the city said in a statement.
Despite stopping the attack, officials said the intruder may have accessed and removed data during a limited window of time. Investigators have not confirmed what information, if any, was obtained.
“Investigators have not determined what personal information, if any, the actor accessed,” the city said. “However, because an unknown actor may have acquired City data, we are notifying all potentially affected individuals out of an abundance of caution.”
The city said the potentially exposed information could include a person’s name — either full name or first initial and last name — along with other personally identifiable information, though specifics were not disclosed.
Click Here For The Original Source.
