Action News first reported the security breach in November.
SEE ALSO: Action News Investigation on Delco hack
According to officials, on September 10, a county employee received a phishing email that contained malware by a hacker, the threat actor, and it was downloaded into the system.
“During the period between September 10 and November 21, the threat actor was most likely stealing credentials, identifying sensitive data, and exfiltrating the information from the county’s operating environment,” officials said.
They said sometime within that period, the hacker activated a ransomware application.
On November 21, an IT staff member identified abnormalities in the county government’s network.
With the help of outside cybersecurity experts, the county council was able to restore some capabilities and credentials through back-up systems.
It was, however, recommended that the ransom payment be made to the hacker.
“The threat actor early on indicated that its intent was to hold the County’s system for ransom, accompanied by a threat to release data, including potential personal information, unless the ransom was paid,” county officials said.
SEE ALSO: FBI joins investigation into computer system hack in Delaware County, Pennsylvania
The ransom of $25,000 was equal to the deductible amount on the county’s insurance policy.
In exchange, the hacker provided a list of the stolen files and shared the information necessary to unlock the county’s systems.
The county is now working with a private cybersecurity firm and pursuing further initiatives to provide a more secure environment.
Copyright © 2021 WPVI-TV. All Rights Reserved.