MOBILE, Ala. (WALA) – Mobile County government officials Friday said they are alerted all employees – more than 1,600 people – that their Social Security numbers, dates of birth and other sensitive information may have bene compromised in a computer attack in May.
County officials initially said they had contained the damage and quickly restored systems. Later, officials acknowledged that computer forensics experts were assessing the situation.
“Although our investigation is ongoing, we have determined that certain computer systems were subject to unauthorized access on May 24, 2021,” the county said in a statement. “Through the forensics process, we learned on July 1, 2021 that employee information was at risk.”
The county also disclosed on Friday that it learned on July 13 that the health insurance contract number for employees subscribed to receive health coverage and routing numbers for employees enrolled in direct deposit with the county, also were at risk.
“Given this news we are providing Mobile County employees with notice and information about credit and identity protection,” the county stated. “Mobile County and specialists continue to review the remaining contents of the affected systems to determine what, if any, sensitive information regarding other parties was contained within these systems.”
Sharee Broussard, a spokeswoman for the county, told FOX10 News she could not elaborate beyond the statement. She said the investigation has revealed that all employees are at risk but that it is impossible to say how many Social Security number and other data actually have been taken.
“We can’t say exactly,” she said.
Brian Linder, a ransomware expert for the cybersecurity firm Check Point Software, told FOX10 News last week that his firm has reviewed a ransomware demand posted by the group purportedly responsible for the Mobile County attack. He said he could not verify the group’s claims but added they sound plausible.
“The volume of data that was stolen during the attack was fairly significant,” he said. “It looks like 90 gigabytes of data, which is quite a bit of data. And you know, so the opportunity for those bad actors to take that data and sell it could be very concerning for, you know, anyone that had data in there.”
Officials said they will continue to provide notice as they learn of other potentially affected data. They added that they are taking steps to implement additional safeguards and are reviewing policies and procedures related to data security. The county has set up an assistance line to answer employees’ questions – 855-545-2006, Monday through Friday from 8 a.m. to 5:30 p.m.
“Everything is spelled out in the letter” the employees received, Broussard said.
Updated at 1:41 p.m. to clarify remarks of county spokeswoman Sharee Broussard.