Cyber Incident Victim: City of Flint
Date:
Aug 2024
Location:
United States of America
Summary
The City of Flint experienced a disruptive ransomware attack causing widespread internal network and internet outages, significantly impacting online services while critical operations remained unaffected. Emergency services, public works, and health services continued functioning normally, including 911, waste collection, water utilities, and free water filter distribution. The city’s website remained accessible, but linked platforms such as billing systems and GIS maps were unavailable. Investigations involving the FBI, state authorities, and cybersecurity experts are ongoing to assess potential data compromises and restore services, though no timeline exists for full recovery. Officials emphasized leveraging regional expertise from similar Michigan cyber incidents while urging vigilance against identity theft.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 14, 2024, the City of Flint experienced a criminal ransomware attack that disrupted its internal network and internet services beginning in the early morning hours. The incident caused widespread outages affecting multiple online services and municipal operations. City officials confirmed the involvement of the FBI and the Michigan Attorney General’s Office in the investigation, while the City’s IT Department collaborated with cybersecurity experts to assess the scope of the attack and develop restoration strategies. No timeline for full service recovery was established at the time of reporting. The City initiated an investigation to determine whether resident or employee personal data was compromised, urging individuals to proactively guard against identity theft. Mayor Sheldon Neeley acknowledged the disruptions and commended staff and partners for their response efforts, emphasizing a commitment to minimizing resident impact. Service restoration updates were promised as conditions evolved, with officials cautioning residents to expect ongoing fluctuations in availability.
Operational impacts included the partial or complete unavailability of linked platforms such as the BS&A billing system and GIS maps, though the City’s primary website remained accessible on a separate server. Emergency services—including 911, dispatch, law enforcement, fire operations, and Public Works functions like waste collection, street maintenance, water/sewer utilities, and blight elimination—continued without interruption. The Office of Public Health maintained normal operations, offering free water testing kits and filters at City Hall and the Clio Road Service Center. Officials contextualized the incident within a broader trend of cyberattacks targeting Michigan municipalities, noting that this environment enabled Flint to leverage established response resources. The City’s public communications focused on factual updates regarding service interruptions while avoiding speculation about attribution or technical details of the attack.