Cyber Incident Victim: Town of Didsbury
Date: Mar 2021
Location: Canada
Summary
The Town of Didsbury experienced a ransomware attack in which hackers encrypted municipal information systems and demanded payment to restore access. Officials publicly acknowledged the cyber incident several days after its occurrence, confirming the extortion attempt but refusing to disclose whether any ransom was paid to the perpetrators. The breach disrupted town operations, though specific consequences beyond system encryption were not detailed in initial reports. Municipal leadership maintained limited transparency regarding both the attack's operational impacts and their response strategy, focusing solely on confirming the ransomware's deployment and the criminals' financial demands without elaborating on mitigation efforts or data compromise.
Description
On March 21, 2021, the Town of Didsbury, Alberta, experienced a cyber attack involving ransomware that encrypted municipal information systems. The incident was publicly disclosed by town officials on March 26, 2021, five days after the initial compromise. Attackers deployed malicious software that restricted access to critical town data and infrastructure, subsequently issuing a ransom demand in exchange for decrypting the locked systems. The operational disruption occurred on a Sunday, though specific details regarding detection timelines or initial intrusion vectors were not disclosed. Municipal representatives characterized the event as a targeted ransomware attack by unidentified threat actors, confirming the encryption of systems but not specifying which departments or services were directly impacted. No information was provided regarding the ransom amount demanded or whether data exfiltration occurred alongside the encryption.

Town officials, including Mayor Rhonda Hunter, acknowledged the ransom demand but declined to confirm whether payment had been made to the attackers. The municipality did not release technical specifics about the affected systems, restoration processes, or operational consequences stemming from the encryption. Public statements confirmed the incident's occurrence and the attackers' financial motivation but omitted details about system recovery timelines, potential data compromise, or costs associated with remediation. The disclosure followed standard crisis communication protocols by confirming the attack's basic parameters while withholding tactical response details that could compromise ongoing investigations or future security postures. No additional information was provided regarding law enforcement involvement, third-party cybersecurity assistance, or long-term impacts on municipal operations following the March 21 encryption event.
