JACKSONVILLE BEACH, Fla. – A cyberattack in Jacksonville Beach has affected the city’s information system. Cybercriminals are holding personal data like Social Security numbers and banking information for ransom. If you’re affected, you will be notified by mail.
Don Graham, a construction superintendent, said he just found out his company’s permit for a new coffee shop in Jacksonville Beach is quote “lost somewhere in the City of Jacksonville Beach’s computer system,” so he has to pick it up in person.
“I had one contractor that has already done his work, and they told him he didn’t have a permit, which of course he did,” Graham said.
It’s the same system that city officials first announced in January was temporarily shut down because of what they called an “information system issue.” Now, Jacksonville Beach Mayor Christine Hoffman is calling it a sophisticated ransomware attack but said the city did not pay the ransom.
The breach has crippled city operations.
“I haven’t received my bill for two months. I finally got one and it was last month,” said Zenaida Mickle, a Beaches Energy customer.
Mickle said she can’t pay her power bill online or reach anyone by phone, which is why she had to pay her invoice in person on Thursday.
“That’s been a shock to me,” said Beaches Energy customer Todd Smith, who was just finding out about the breach. “They should have let people know that they were affected. Now you’re going to let them know, but you should have been letting them know (before) because people could have been more aware of what happened. Instead of now, months later. That’s not OK.”
The News4JAX I-TEAM asked Hoffman why the breach was initially called a cybersecurity event in January and what her response is to customers’ concerns about transparency.
“On Jan. 29, we immediately contacted state and federal authorities and consulted with our cybersecurity advisors,” Hoffman said. “The City of Jacksonville Beach followed the advice given to us regarding investigation, mitigation and recovery. When we realized data had been compromised, appropriate steps were taken to secure our computer systems and affected customers are being alerted that their information may have been compromised.”
According to Hoffman, 48,949 people are potentially affected by the ransomware attack.
City officials say individuals who believe they are potentially impacted by the incident or have additional questions are urged to call a hotline number they set up at 844-709-0703.
Consumers have the right to place an initial or extended “fraud alert” on their credit file at no cost. Or place a credit freeze on their report, which prohibits a credit bureau from releasing information without authorization.
“It should concern everybody. It’s your Social Security number,” Beaches Energy customer Jessie Klare said.
Klare thinks the city of Jacksonville Beach should pay for credit monitoring for impacted customers.
“They are the energy company,” Klare said. “They should be taking care of that. I have to pay attention to everything with my family, my kids and everything at home. If I’m paying you money, and I’m using your energy, you should take care of that.”
Hoffman said they are bringing their systems up as quickly and safely as possible, and it remains unclear just how many people have been affected.
Click here to learn about credit monitoring.