BRIDGEPORT, W.Va. – In May 2021, the City of Bridgeport experienced a ransomware attack, and residents were notified in September about the attack. Now, the information that was taken is being found on the dark web.

Residents were sent a letter on Sept. 2, outlining that a cyber attack involving ransomware took place.

The letter said that information that was potentially taken includes social security numbers, driver’s license numbers, addresses and more, as that’s what is used when setting up utilities with the city.

Ransomware attacks take information and hold it “hostage” until a ransom is paid.

The city said in the letter they would offer free credit monitoring services because of the attack.

A message 12 News received from threat analyst Brett Callow of Emsisoft, a company that decrypts ransomware attacks, shows screenshots of the hacker’s website, clearly depicting “City of Bridgeport, WV” and information for download.

Randy Wetmore, Bridgeport City Manager, was unaware of the situation.

“Nobody’s contacted, that I know of, anybody at City Hall about it. Now that I know about it, I will call the people that we worked with through this and let them know what’s going on and they can investigate that as well,” said Wetmore.

Later, Wetmore released this full statement to 12 News:

Like many other localities, schools, and businesses across the country, in May 2021, the City of Bridgeport was the victim of a cybersecurity incident involving a ransomware attack wherein the cyber criminals both encrypted data in place and also claimed to remove certain data from our systems.  It appears, based on information provided to us, that the attackers posted information they claim they took on the dark web today.  We have not had an opportunity to review this posted information but will be doing so.

We have provided free credit monitoring to all impacted City of Bridgeport citizens and encouraged them to enroll in this free credit monitoring to protect themselves from the alleged posting of this information on the dark web.     

After discovering the attack, we promptly took steps to secure our systems and to begin investigating the nature and scope of the incident.  We engaged leading outside security experts to assist with our investigation and have implemented various cyber security enhancements.  We notified the FBI and are supporting their criminal investigations to bring the attackers to justice.  We also worked diligently to notify anyone who might be impacted via letter and also via information on our website. 

Just yesterday authorities announced an international crackdown on a cyber-criminal gang.  We continue to hope that both federal and international law enforcement will bring these cyber criminals to justice so that these criminals will stop their harassment of businesses and local governments.  Until then, we are working to continue to improve our security posture and encourage all West Virginia businesses to do the same.”

The city continues to investigate the information.