Flint, Michigan ransomware attack knocks city offline


The City of Flint, Michigan is still reeling Friday after discovering its municipal networks were breached two days ago in a massive ransomware attack.

Flint officials said they first became aware of the unauthorized access on Wednesday, August 14th, alerting residents at 9:26 a.m. CT it was “unable to take payments and conduct other web-based business at this time.

Promising to provide an update when the situation was “resolved,” the City of Flint revealed on Thursday that the “ internal network and internet outage” was due to “a criminal ransomware attack.”

ADVERTISEMENT

“Disruptions began in the early hours of Wednesday, August 14th, 2024,” the city posted on its official website, along with a note announcing the city was only accepting payments “made by cash or check at this time.”

The city said IT teams were working closely with the FBI and outside cybersecurity experts to investigate and recover access to systems, but it did “not yet have a timeline for restoration.”

Warning residents of gaps in service and continuous changes, Flint Mayor Sheldon Neeley said the city was “working hard to resolve this issue and to minimize disruption for residents.”

The Flint metro region is the fourth-largest in the Midwestern state of Michigan, with a population of about 350,000 as of 2024, according to market research firm Macrotrends.

Earning the nickname "Vehicle City” for birthing General Motors, Flint is about an hours drive north from Detroit and east of Lansing, Michigan's state capital.

Internet access, phone lines, and employee email accounts have all been impacted, including the ability to use online or credit card payments for water, sewer, and tax payments.

ADVERTISEMENT

The City of Flint website, which is hosted on a separate server, is “generally intact, except to linked platforms,” the notice stated.

Access to Flint's BS&A cloud services, a software management and payments system used by hundreds of local governments across the US, was reported completely offline.

As for public safety, the city’s 911, police, fire, and emergency services were said to be fully operational as of Friday.

City of Flint, MI municipal building
Image by City of Flint.

Flint officials also noted that it was unclear the extent of the breach and “whether resident or employee personal data has been impacted.”

The municipality, which has anywhere from 500 to 100 government employees, according to the city’s LinkedIn profile, encouraged individuals to take measures to “protect themselves from identity theft.”

The city said it would updating the status of services on its website continuously as progress is made.

“Municipalities and organizations across Michigan have been hit by cyber attacks in recent months. While unfortunate for all, this means that the City of Flint can bring tested resources to bear in its response,” city officials added.

So far, no specific ransomware gang has claimed responsibility for an attack. Cybernews has reached out to Flint for further information but did not receive a response at the time of publishing this report.

ADVERTISEMENT