Cyber Incident Victim: Town of Colonie
Date:
Jan 2020
Location:
United States of America
Summary
A cyber-attack disrupted computer systems and email services in an Albany County municipality, causing prolonged operational issues across multiple departments. The incident prompted reliance on pre-existing data backups to maintain partial functionality, with officials confirming no compromise of personal data and assuring continued operation of critical health and safety services. Communications regarding the incident were disseminated via fax due to system outages. Local authorities acknowledged the attack's similarity to widespread incidents affecting other municipalities, emphasizing the growing prevalence of such disruptions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 4 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 15, 2020, the Town of Colonie in Albany County, New York, experienced a cyber-attack that disrupted municipal operations by taking the town’s computer systems and email offline. The incident persisted for multiple days, with many departments still facing operational challenges by Friday, January 17. Town spokesperson Sara Wiest confirmed ongoing efforts to determine the precise nature and scope of the attack but emphasized that no personal data appeared compromised. Critical health and safety services remained functional despite the outage, ensuring no immediate public safety risks. The town relied on pre-incident data backups to sustain partial operations, enabling departments to continue work without full system access.
In response to the disruption, the Town of Colonie reverted to analog communication methods, issuing a public news release about the incident via fax on January 17. The release reiterated that investigations had found no evidence of compromised personal information and assured residents of uninterrupted essential services. Supervisor Paula Mahan characterized the incident as part of a broader trend affecting municipalities, noting the need for adaptation to such threats. No ransom demand or specific attacker attribution was disclosed publicly. The town did not confirm whether the incident involved ransomware or other malware, nor did it detail technical containment measures beyond isolating affected systems. Recovery efforts focused on restoring access to backed-up data while maintaining minimal service interruptions through manual workarounds.