ransomware (posteriori/Shutterstock.com)

Atlanta still hobbled by ransomware attack

Four days after the announcement of a ransomware attack on Atlanta's city network on March 22, officials are still struggling to bring citizen-facing websites and internal application back online.

In a March 23 announcement, the city provided an update on efforts to resolve the ransomware cyberattack and outlined precautionary measures employees and customers should take while the city restores service.

Because the attack seems to have affected applications residents use to pay bills or do business with the city, officials initially advised employees and those who do business with the city to check their bank accounts to ensure their financial data had not been compromised.

On Monday, the city reiterated that that warning in a tweet. "At this time, there is no evidence to show that customer or employee data has been compromised. However, customers and employees are encouraged to take precautionary measures to monitor and protect their personal information."

Agencies across the city have been affected, according to a press statement. Among the departmental functions still suspended are:

  • Human resources. No New employment applications are being accepted
  • ATL311. Although the ATL311 website has been disabled, residents can access 311 services over the phone.
  • Procurement. Contracts will continue to be processed as the department works on gaining access to internal systems to issue purchase orders.
  • Municipal court. Currently, the court cannot process ticket payments (online or in person) or validate warrants originated from the court.
  • Corrections. The department is processing inmates manually.
  • Parks and Recreation. Permits and event applications are being reviewed manually
  • Airport. Free public Wi-Fi has been disabled at Hartsfield-Jackson Atlanta International Airport out of an abundance of caution.

In an interview with WSB-TV Atlanta, Mayor Keisha Bottoms said the city is making progress, but the issue is not resolved.  More details have not been forthcoming.

Some have criticized the city's reticence. Andy Green, a lecturer of information and security at Kennesaw State University, told Atlanta NBC affiliate WXIA that the city's silence is concerning. "We don't know if they're actively fighting the infection, we don't know whether they're into recovery mode," Green said.

The ransomware message demanded a bitcoin payment of approximately $51,000 to unlock all affected systems, the equivalent of $6,800 per computer to unlock individual machines.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.

Connect with Susan at [email protected] or @sjaymiller.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected