Cyber Incident Victim: City of Troy

On February 2, 2017, officials from the City of Troy confirmed that their computer system had been compromised by ransomware earlier that week. The attack was first detected on Monday, January 30, when malicious software infiltrated municipal systems, though specific entry vectors or attacker identities remained undisclosed. City information technology personnel responded by isolating the infected systems to prevent further spread across the network. Mayor Patrick Madden's spokesman, John Salka, publicly acknowledged the incident while emphasizing that critical backups allowed for system restoration without paying ransom demands. The disruption occurred alongside unrelated technical issues affecting online property tax payments on the same Monday, though officials clarified these events were coincidental rather than connected to the cyber intrusion. No operational downtime or data loss was reported due to the availability of functional backups.

The city's restoration process involved rebuilding affected systems from pre-existing backups, with full recovery achieved by Thursday's announcement. Concurrently, Troy's IT department initiated deployment of a new firewall infrastructure designed to strengthen defenses against future ransomware attacks. Salka confirmed both the resolution of the ransomware incident and the separate property tax payment system glitch, though technical specifics regarding impacted departments or operational consequences remained unstated. Municipal operations resumed normally following containment, with no evidence suggesting data exfiltration or secondary infections. The incident concluded with proactive security enhancements underway but no disclosed forensic findings about the attackers' methodology or demands.