Cyber Incident Victim: Meriden
Date:
Feb 2026
Location:
United States of America
Summary
Meriden experienced a network interruption that prompted officials to shut down its systems and relocate emergency dispatch to a state facility while investigations proceeded. The city maintained essential 911 operations through temporary workstations, kept many departments offline, and relied on hand‑written records for most services as technicians worked to verify the environment was secure before restoring connectivity. After weeks of incremental restoration, including email access for some staff, the dispatch center returned to its location and officials noted that the investigation remained active without specifying a timeline for full recovery.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 13, 2026, Meriden’s information technology workers detected an attempted interruption of the city’s computer network and immediately shut down the system to identify and assess any breaches. The shutdown forced city workers in all departments except the public schools to keep hand‑written records while the network remained offline. On February 17, the Meriden 911 center staff was temporarily relocated to the Connecticut Statewide Emergency Communications Center at the Connecticut Police Academy in Meriden, where state engineers established radio communications and set up four additional 911 workstations to maintain uninterrupted emergency response capabilities. The City Clerk’s office began directing residents to outside towns for vital statistics software access for birth and death records after October 1, 2001, while earlier records and marriage licenses remained available at City Hall for cash only. Other city departments continued to manually record data for later reentry once the network was restored.
Almost two weeks after the detection, city officials stated that a comprehensive investigation was ongoing and that they did not have a timeline for when full service might be restored. On March 3, Meriden began slowly restoring some online services, including email access for certain employees, although the date for complete system recovery remained unclear. After operating from the Police Academy for approximately three weeks, the emergency dispatch center returned to its usual location at the Meriden police station, as confirmed by state and local police. Throughout the outage, Meriden officials said they were working with outside agencies and had initially hoped the system would be restored within days. The state’s Division of Statewide Emergency Telecommunications continued to assist Meriden alongside its support for New Britain following that community’s January ransomware incident.
Officials in Meriden have not classified the February incident as a ransomware attack, distinguishing it from the confirmed ransomware breach that affected New Britain at the end of January 2026. The interruption in Meriden occurred shortly after the New Britain attack, which also disrupted phone service and whose email and phone systems were later reported as operational. No ransom payment details were disclosed for either municipality, and New Britain officials indicated they were still calculating costs and evaluating security improvements as of early March. The state’s Department of Emergency Services and Public Protection noted that both incidents highlighted the ongoing cybersecurity risk to municipal governments in Connecticut.