A municipality in British Columbia has admitted to being the victim of a cyberattack just over two weeks ago.
The admission made today comes after the LockBit ransomware gang listed the Sunshine Coast Regional District on its data breach website.
“On Thursday, September 8 and for most of Friday, September 9, the Sunshine Coast Regional District (SCRD) computer servers were offline,” the municipality said in a statement. “This caused an email outage at SCRD and our website was also offline. SCRD’s servers were back online within 16 hours with very little impact to services.
“At this time, it appears that the SCRD has been the victim of a deliberate attempt by criminals to access information on our servers. In response, the SCRD engaged an external cybersecurity firm to assist us in our investigation and the Sunshine Coast RCMP also opened a file on this cyber incident.
“Out of an abundance of caution, the SCRD also notified the [British Columbia] Office of the Information and Privacy Commissioner (Commissioner) which is considered best practice in these circumstances.
“The SCRD is currently working to determine if any personal data may have been compromised on our servers during the cyber incident. If this is the case, the SCRD will follow the procedures established through the ICDO with notifications to the persons concerned.
Based in the town of Sechelt, the regional district covers some 3,700 km2. It has a population of approximately 32,000 which includes the town of Gibson, the Indian Government District of Schelet, and several aboriginal reservations. Schelet is about two and a half hours by road and ferry from Vancouver. According to Wikipedia, the neighborhood is usually accessible by ferry, boat, or plane; no road connects it to the rest of the province.