Cyber Incident Victim: City of Ellensburg

In December 2020, the City of Ellensburg, Washington, publicly confirmed it had fallen victim to a ransomware cyberattack. The attack rendered the majority of the city’s network drives and internal data inaccessible, disrupting operations across all municipal departments. City officials did not disclose the specific strain of ransomware used in the attack or whether the attackers had issued a financial ransom demand. The incident caused immediate operational paralysis, with critical systems including utility billing, administrative services, and financial services becoming unavailable. This widespread disruption hindered the city’s ability to process payments, manage financial records, and conduct routine administrative functions. No details were provided regarding the initial attack vector, the duration of system compromise prior to detection, or whether data exfiltration occurred alongside the encryption of files.

The ransomware’s impact extended beyond technical systems to essential public services, though the city did not specify whether emergency response systems or public safety operations were affected. Municipal employees faced significant challenges in performing daily tasks due to the loss of access to network resources and data repositories. The city did not release information about containment measures, recovery timelines, or whether external cybersecurity experts were engaged to assist. No public statements addressed potential impacts on residents’ personal data or the long-term financial consequences of the disruption. The incident highlighted vulnerabilities in local government infrastructure but yielded no confirmed attribution to any specific threat actor or group based on the available public disclosures.