Cyber Incident Victim: Village of Nashotah
Date: Nov 2017
Location: United States of America
Summary
A ransomware attack encrypted the computer systems of the Village of Nashotah, forcing officials to pay a $2,000 ransom to regain access. The breach exposed residents' names, driver's license numbers, and potentially addresses, but did not compromise Social Security numbers or other sensitive data. Village leadership confirmed that voter roll information was the primary dataset affected, though they could not determine whether the hacker disseminated or misused any stolen information. The incident rendered municipal files inaccessible until the decryption payment was made.
Description
In late November 2017, the Village of Nashotah experienced a cybersecurity incident involving unauthorized access to its computer systems. The attack resulted in the total encryption of the village’s computer files, rendering them inaccessible to staff and disrupting normal operations. The breach exposed personal information belonging to residents, specifically their names and driver’s license numbers, with addresses also potentially compromised. Village President Richard Lartz confirmed on December 7, 2017, that Social Security numbers and other sensitive data were not affected by the intrusion. The incident was characterized as a ransomware attack, where threat actors encrypted critical systems to extort payment. No details were provided regarding the initial detection method, the specific attack vector, or the duration of system unavailability prior to the ransom decision.

The village paid a $2,000 ransom to the unidentified hacker to obtain decryption keys and restore system functionality. Lartz emphasized that while voter roll data containing resident information was exposed, officials had no evidence confirming whether the hacker actually used or disseminated this information. The payment transaction occurred without public disclosure of the cryptocurrency or payment channel used. The encryption’s impact on municipal operations was not detailed beyond the general file inaccessibility. No additional containment measures, forensic investigations, or law enforcement engagements were mentioned in the available reporting. The financial transaction resolved the immediate encryption crisis but left unresolved questions about potential future misuse of the exposed personal data.
