Cyber Incident Victim: City of Bridgeport

In late May 2021, the City of Bridgeport, West Virginia, experienced a ransomware attack that encrypted municipal IT systems, disrupting government operations. The attack involved malicious actors deploying ransomware to restrict access to city data until a ransom payment was made. City officials promptly engaged cybersecurity experts to investigate the breach and immediately notified the FBI Cyber Crimes Division. Operations were subsequently restored, though the exact timeframe for recovery was not specified in public communications. Residents received formal notification through a five-page letter detailing the incident’s occurrence and potential risks. While no direct evidence confirmed unauthorized access to sensitive data, the city acknowledged that stored personal information—including Social Security numbers, birth dates, addresses, driver’s license numbers, and other account-establishing details—could have been exposed due to the system compromise.

The city’s investigation, conducted with external cybersecurity specialists, concluded that attackers might have accessed files containing resident information, prompting proactive notifications to all potentially affected individuals. Bridgeport offered one year of complimentary credit monitoring and identity protection services to residents, requiring enrollment by December 31, 2021, to activate the benefit. Officials emphasized their commitment to data security, disclosing that new cybersecurity protections were being implemented and that existing security measures were under evaluation for further strengthening. The incident reflected broader trends of ransomware targeting municipal entities across the United States, though no ransom payment details or specific attacker attribution were disclosed. No resident financial losses or identity theft cases linked to the breach were reported in the immediate aftermath, with remediation efforts focused on system hardening and resident support through credit monitoring.