
Cyber Incident Victim: Mountain Home Water Department

Date: Mar 2017

Location: United States of America

Summary

A ransomware attack targeted the Mountain Home Water Department's server, prompting the city to refuse payment demands and instead erase the compromised system. The server was restored using a backup from the previous night, with no data loss or theft confirmed by the involved computer services provider. Operational recovery was achieved through this reinstallation process without yielding to extortion.


Description

On or around March 13, 2017, the Mountain Home Water Department experienced a ransomware attack targeting its server infrastructure. The malicious software encrypted data on the system, rendering it inaccessible to department personnel unless a ransom was paid. City officials, including Water Department Director Alma Clark, confirmed the incident but refused to comply with the attackers' financial demands. Instead of negotiating with the threat actors, the city initiated an immediate containment response by erasing the compromised server entirely. This decisive action aimed to eliminate the ransomware's presence and prevent further encryption or system damage. The incident did not result in prolonged operational disruption due to the availability of recent backups.


Baxter County Computer Services owner Mark Thomas disclosed that technicians restored the water department's operations using a backup created the night before the attack. The server was re-installed from this clean backup copy, allowing the department to resume normal functions without data loss or permanent service interruptions. Thomas further confirmed that forensic examination revealed no evidence of data exfiltration, indicating the attack solely focused on encryption for extortion rather than information theft. The city's reliance on pre-existing backup protocols proved critical in mitigating the ransomware's impact, avoiding both financial losses from ransom payments and operational downtime. No additional systems or municipal departments beyond the water department's server were reported as affected in this incident.
