
Cyber Incident Victim: Yonkers, NY

Date: Sep 2021

Location: United States of America

Summary

The City of Yonkers experienced a ransomware attack that disrupted municipal operations for approximately one week, rendering computer systems inaccessible to employees. Officials confirmed a ransom demand was issued but refused payment, opting instead to restore operations using backup data during the outage. The incident caused significant operational challenges across city departments due to prolonged loss of computer access while recovery efforts were underway.


Description

The City of Yonkers, New York, experienced a significant ransomware attack beginning on or around September 5, 2021, which disrupted municipal operations for approximately one week. Attackers encrypted the city’s computer systems, rendering them inaccessible to employees across City Hall and affiliated departments. The incident was publicly confirmed by city officials on September 10, though internal awareness likely occurred earlier due to the immediate operational impact. A ransom demand was issued by the attackers to restore access to the encrypted systems, but Yonkers officials explicitly refused payment. Municipal operations relied on manual workarounds during the outage, as employees were unable to use computers for core administrative functions throughout the five-day disruption period.

In response to the attack, the city initiated recovery efforts focused on restoring systems from backups rather than engaging with the threat actors. Technical teams spent the week following the attack prioritizing data reconstruction and server restoration using available backup repositories. The incident caused widespread operational delays, though the exact scope of affected services or data types was not disclosed publicly. No evidence suggested citizen data compromise, as city statements emphasized system functionality loss rather than data exfiltration. Recovery efforts centered on rebuilding infrastructure independently, reflecting a deliberate strategy to avoid incentivizing further attacks through ransom payment. Municipal operations gradually resumed as systems were restored from backups, though the timeline for full recovery remained unspecified in available reporting.
