Ransomware attack that forced a New York county back to pen and paper began in 2021, official says

An investigation into a ransomware attack on New York’s Suffolk County revealed severe shortcomings in the county clerk’s cybersecurity. The attack, which took place in September 2022, led to a leak of sensitive data relating to 1.5 million residents. The hackers gained access to systems in December 2021, spending months in the network before launching the attack. County Executive Steven Bellone criticized the IT department of the clerk’s office for a lack of cybersecurity measures. He claimed one member of staff was placed on leave for refusing to implement cybersecurity mechanisms.