Cleveland Taxpayer Data ‘Safe’ after Cyberattack Knocks City Systems Offline

The City of Cleveland in the US state of Ohio has taken some services offline as it deals with a cyberattack, assuring residents that hackers haven’t accessed their data.

City officials on Monday posted a brief notice on X (formerly Twitter) informing citizens that “City Hall and Erieview are closed today June 10, except for essential staff, as we investigate a cyber incident.”

Emergency services unaffected

“We have shut down affected systems to secure and restore services. Emergency services and utilities are not affected. Updates will be provided as available,” the post said.

Most critical services remain operational, including the Department of Public Services such as 911, Police, Fire, and EMS, as well as the Department of Port Control, including Cleveland Hopkins and Burke Lakefront Airports.

The Department of Public Utilities is also unaffected, including Water, Water Pollution Control, and Cleveland Public Power services. Municipal Courts are also deemed operational, “as they are on a different system,” so anyone with a court date must still show up on time, according to a series of updates on X that kept upinto the evening.

Taxpayer data allegedly safe

The situation remained unchanged into Tuesday, with the city informing residents that only the City Hall and Erieview Plaza would remain closed into June 11.

Residents concerned that hackers may have accessed their personal or financial data are assured that taxpayer information held by the CCA and customer information held by Public Utilities has not been accessed by any unauthorized party.

The city has yet to post an official statement about the incident on its website, but it is trying to stay transparent with a series of updates shared on social media and over the phone at 311, where Cleveland residents can speak with a Citizen Support Specialist.

The latest update, again shared on X, includes a more official-sounding press statement:

“The City of Cleveland is currently investigating a cyber incident. The City identified abnormalities in its IT environment. At that time, the Coty took precautionary actions to contain those abnormalities. Since that time, we have been investigating the nature and scope of the incident. We will be able to determine the length of this event as more information is learned through the investigation. If you are in need of emergency services, please call 911.”

The X thread includes an FAQ for citizens seeking clarifications about the incident, what is being done to resolve the issue, and a list of services that are or aren’t operational.

Hackers yet to be revealed

None of the major ransomware operations in existence today have claimed responsibility for the breach, so it’s unclear if this was a targeted attack on Cleveland city systems.

The incident doesn’t seem to have resulted in any data leak (yet), but Cleveland citizens should still keep a watchful eye on their inboxes and incoming texts for fraud attempts leveraging personal data. Fraudsters use data stolen in breaches like these to build clever shams and bait the public.

Americans lost over a billion dollars in 2023 to scammers impersonating businesses or government agencies, the FTC said in a report this year.

According to the Bitdefender 2024 Consumer Cybersecurity Assessment Report, few people consider themselves an actual target for cybercriminals. Scams run rampant worldwide yet consumers still engage in complacent cybersecurity practices, making it imperative to employ dedicated security on our personal devices.

Stay protected

Scamio combats cyber-scams leveraging personal information stolen in data breaches. If you're suspicious about a certain phone call, email, or SMS, simply describe the situation to our clever chatbot and let it guide you to safety. You can share with Scamio the exact thing you want to check: a screenshot, PDF, QR code, or link. Scamio lets you know in seconds if it’s a sham. Use it anywhere via web browser, Facebook Messenger, or WhatsApp. Share Scamio with your friends and family abroad in France, Germany, Spain, Italy, Romania, Australia, and the UK.

Anyone affected by a data breach should consider a data monitoring service. Bitdefender Digital Identity Protection lets you find out if your data has leaked online, what type of information was compromised, what risks you face, and whether your information is up for sale on the dark web.