Cyber Incident Victim: City of Willoughby
Date:
Jun 2025
Location:
United States of America
Summary
The City of Willoughby became aware of potential unauthorized access to its systems, promptly isolated the network and enlisted third‑party specialists to contain and investigate the activity. Although the investigation could not confirm that any data was copied, the city noted that information at risk could include names, Social Security numbers, driver’s license numbers and bank account numbers for individuals who had provided such data to the municipality, emphasizing that only internal city data were involved and no resident data were affected. In response, the city secured its environment, implemented additional technical safeguards and began offering complimentary credit monitoring and identity protection services, while providing a dedicated assistance line for inquiries.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 8, 2025, the City of Willoughby became aware of potential unauthorized access to certain of its systems. Upon identification, the City took immediate steps to isolate and secure its network environment. To assist with containment and investigation, the City engaged third‑party cybersecurity specialists. The specialists worked with City personnel to investigate the nature and scope of the activity.
The investigation determined that the information potentially at risk included names, Social Security numbers, driver’s license numbers, and bank account numbers for individuals who had provided such data to the City. The City emphasized that the data at risk consisted solely of internal City records and did not include any residents’ personal information. Although the investigation could not confirm that any data had actually been copied from the network, the City issued the notice as a precautionary measure.
In response, the City secured its network environment and conducted a thorough investigation of the incident. It subsequently implemented additional technical safeguards designed to enhance the security of its information systems and to reduce the likelihood of similar events. The City also arranged to provide affected individuals with twelve months of complimentary credit monitoring and identity protection services and established a dedicated assistance line reachable at 1‑833‑380‑4395 during specified business hours for inquiries.