Cyber Incident Victim: Town of Bourne
Date:
Jan 2025
Location:
United States of America
Summary
A cyberattack compromised the Town of Bourne's information technology systems, prompting cancellation of multiple public meetings and an ongoing criminal investigation. Police confirmed emergency services, phone systems, and email remained operational, while library public computers, Wi-Fi, and printing services were disrupted. The town lacks an IT director and outsourced services to Barnstable County IT following the termination of a prior director who had raised concerns about historical security vulnerabilities, including public computers with unsecured access to sensitive financial and personnel data. Officials declined to disclose attack specifics or confirm impacts on schools, citing active investigations. Emergency measures included hiring special counsel, and critical infrastructure like police dispatch operated independently from affected systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Town of Bourne experienced a cyberattack targeting its information technology systems, first detected on or around Saturday, January 11, 2025. Bourne Police Department publicly disclosed the incident on Sunday, January 12, through a statement confirming the potential network compromise while clarifying that police operations and 911 services remained fully operational. Town Administrator Marlene V. McCollem canceled all scheduled municipal meetings from January 14-17, including sessions of the Historic Commission, Sewer Commission, Select Board, Zoning Board of Appeals, Council on Aging, and Board of Assessors, though no explicit connection between the cancellations and technical impacts was confirmed. The Select Board held an emergency meeting on January 13 authorizing McCollem to hire special town counsel for emergency purposes. Throughout the week following the attack, town officials repeatedly declined to specify affected systems, compromised data, or attack vectors, citing ongoing criminal investigations involving multiple agencies. Phone systems and email communications reportedly remained functional, while the municipal website indicated all canceled meetings would be rescheduled without providing restoration timelines.
Background information revealed significant IT management challenges preceding the attack. The town had no listed IT staff at the time of the incident, having outsourced services to Barnstable County IT Department under an inter-municipal agreement since November 2023. Former IT Director Robert Przewozeny, terminated in March 2023, described longstanding security vulnerabilities during his tenure, particularly regarding public access computers at Town Hall that previously allowed unrestricted access to shared drives containing sensitive financial data, payroll information, and Social Security numbers. Przewozeny claimed to have implemented security improvements before his dismissal but expressed concerns about network security practices following his departure. Jonathan Bourne Public Library experienced service disruptions affecting public computers, Wi-Fi, and printing services starting January 13, though library leadership declined to confirm any direct link to the cyberattack. Bourne Public Schools maintained operational independence with separate servers and networking infrastructure, according to Superintendent Kerri Anne Quinlan-Zhou. Police reiterated that investigative updates would be provided as available, though no further details emerged beyond the initial announcement during the documented timeline.