The City of Hamilton became aware on the evening of Sunday, February 25, 2024 that it was impacted by a cybersecurity incident that compromised many of our IT systems, including disruptions to our phone system. A dedicated team of City staff and external experts took swift action to investigate, protect our systems, and minimize the impact on the community and facilitate recovery. The City has confirmed that it was a ransomware attack.
2.While cybercrime is a grave and reprehensible issue, many Hamiltonians may be wondering why it has taken so long to fully restore the impacted systems. Were there adequate backup systems, imaging, redundancy, and other industry best practices in place to protect against such an attack? If these safeguards were in place, how did they fail? If not, what steps are being taken to strengthen the city’s systems moving forward? To clarify, we are not asking for specific details that could compromise the city’s security efforts, but rather, in a broader sense, what industry best practices or new measures are being introduced as a result of this breach?
The City has been taking a thoughtful and intentional approach to its response, focused on best meeting the needs of the community. Despite the incident, the City has continued to deliver its critical programs and services.
As the City continues to recover and build back better, it is identifying opportunities to improve and strengthen systems and infrastructure and protect against future cyber incidents. The City is moving forward with application replacement and received Council approval for both funding and staffing increases to continue to advance the City’s Cyber resiliency as part of building back better.
The City has cybersecurity measures in place, which are updated regularly. Unfortunately, cybersecurity incidents are becoming more common globally. While the City continues to strengthen the security of its IT systems to the ever-changing landscape of cybersecurity threats, no security measure will make a