
Cyber Incident Victim: Kennebec County Phone System

Date: Oct 2015

Location: United States of America

Summary

Kennebec County's phone system was accessed without authorization by a botnet that exploited a compromised password, resulting in over 2,100 calls during a weekend, far exceeding the typical 400. The unauthorized calls targeted international gaming sites in Cuba, the United Kingdom, Albania, Syria, and Lithuania, prompting the telecommunications vendor to suspend long-distance services temporarily. While no data loss occurred, the incident required administrative effort to update credentials and led to new restrictions requiring IT department approval for international calls. The county's systems, which are frequently targeted by hacking attempts, had previously withstood a ransomware attack by restoring data from backups without paying the demand.


Description

During the weekend of October 3-4, 2015, Kennebec County's phone system was breached: hackers generated over 2,100 calls, far exceeding the typical weekend volume of 400 calls. BCN Telecom, the county's telecommunications vendor, detected the abnormal activity by Sunday and promptly disabled long-distance calling across all county departments to contain the attack. County Administrator Robert Devlin confirmed that the unauthorized calls primarily targeted international gaming sites, with call logs showing connections to Cuba, the United Kingdom, Albania, Syria, and Lithuania. Investigators determined that the attackers likely used a botnet (a network of compromised computers) to identify and exploit a vulnerable password within the phone system. No specific threat actor group was identified. The county initiated password updates across affected systems while BCN Telecom worked to restore long-distance services, which remained partially suspended during the initial recovery phase early in the week following the incident.


This marked the first successful compromise of the county's phone infrastructure, though Devlin noted that routine computer hacking attempts necessitated layered firewall protections. In a previous unrelated incident, the county had received a single ransomware demand but refused payment, opting instead to wipe and rebuild the affected machine using backups. The phone breach resulted primarily in operational disruptions, including staff time diverted to security updates and new restrictions requiring IT department approval for all international calls, previously a rare but available function. Separately, Maine's state government website had suffered a denial-of-service attack earlier in 2015, causing hours of downtime, though no direct connection to the county incident was established. Financial losses were limited to labor costs for system remediation, with no data theft or ransom payments reported.
