Santa Rosa Beach, Fla.(WMBB) – The South Walton Fire District is facing a ransomware attack, that initially took place in May 2022.
The threat actor reportedly targeted computer systems in the past Memorial Day. The hack may impact patient information, particularly the data the fire district transported between the years 2007 and 2019, says South Walton Fire District officials.
While the officials confirmed that no information so far has been leaked, a thorough investigation of the incident is ongoing. The district officials as well are taking additional precautionary measures in order to secure the leaked information of the patients.
Details of The Ransomware Attack
On Memorial Day, SWFD discovered that someone had encrypted their dispatch system's data, acquired temporary access, and left a ransom note.
“In essence, what somebody had done was get access to the system, encrypted the data, and left a ransom note for us to, basically, pay that ransom in order to get that data back […] Fortunately, internally we have a pretty robust mechanism in place to do backups. So we never had to engage that threat actor to gain that data back. We were able to re-install that data and be back up and running in about a day and a half,” says South Walton Fire District Fire Chief Ryan Crawford.
Chief Crawford mentions that immediate measures were put into action after the district learned about the attack, by calling in federal, state, and local law enforcement. He says that they are continuously working on newer methods and technologies against threat actors in order to secure data.
“We have already taken a number of additional layers of protection to try and mitigate the issue and prevent further instances like this from occurring,” says Crawford.
Describing one of the cautionary measures, Crawford says, “One of the easiest ways is to take those archived medical records completely offline […] And so now, you know, those are really accessible to us for when people do public records requests and those sorts of things, it now requires us to go into the room where that server is located to pull that information rather than doing that remote.”
In addition to this, SWFD has also established a toll-free call center to solve queries regarding the incident and address related concerns. The call center agents can be reached at 1-800-939-4170 from 8 a.m. to 8 p.m. Central Time, Monday through Friday.