No documents with personal identifiable information were accessed
MOUNT VERNON, December 27, 2022 – On Monday, Dec. 19, 2022, the City of Mount Vernon was made aware of a data breach that occurred at about 3 a.m. that morning.
The breach occurred through a remote access tool utilized by the City’s information technology (IT) provider, which also affected other clients of that provider. The intruder installed ransomware known as Lockbit, requesting a ransom for access to certain files.
The impacted departments in the City were Mount Vernon Municipal Court, the Police Department, Auditor’s office and Public Works.
The City and its IT provider spent much of last week working to restore these systems by utilizing backup data, and the vulnerable software has been removed from all systems. At this time, the City does not believe that any documents with personal identifiable information (PII) have been removed, or accessed, from City systems.
The City is working with its insurance provider to have an independent evaluation of the breach conducted to ensure that no PII has been stolen. The City will continue to update the public regarding this situation as new information is received and, if necessary, perform the required notifications if any person’s personal information has been accessed.