What types of sensitive data were compromised?

The attackers gained access to files dating back to 1987, including Social Security numbers, driver's license information, payroll records, health information, marriage certificates, birth certificates, death certificates, medical test results, COVID-19 rental assistance applications from 2021, and personal files of city employees.

What is the current status of city services?

As of December 2, 2024, some critical services have been restored. Municipal court operations and street cleaning services have resumed normal operations, while parking services have adapted to accept manual payments through cash or checks. The city has implemented alternative processes for essential services and is advising residents to use phone communications rather than email.

What actions are being taken in response to the attack?

Federal law enforcement is investigating the incident. While ThreeAM has not made their demands public, security experts suggest the city likely received private ransom terms. The city has not disclosed whether affected individuals, particularly the 2021 rental assistance applicants, have been notified about their compromised information.

Incident

City of Hoboken, New Jersey hit by ransomware attack

Q: What happened in the City of Hoboken ransomware attack?

On November 26, 2024, the City of Hoboken, New Jersey was hit by a ransomware attack by the ThreeAM group, forcing officials to shut down City Hall and suspend all digital municipal services. The attack affected approximately 57,000 residents plus numerous commuters who rely on Hoboken as a major transit hub.

Q: What services were affected by the attack?

The attack disrupted multiple city services including municipal court operations, citywide street cleaning services, email systems, city-wide Wi-Fi infrastructure, and various digital payment systems. Most administrative services requiring network access were impacted, though some third-party services like parking permit sales remained operational.

published: Dec. 3, 2024

Learn More

On November 26, 2024, just before the Thanksgiving holiday, the City of Hoboken, New Jersey, was hit by a ransomware attack that forced officials to shut down City Hall and suspend all digital municipal services. The incident affected approximately 57,000 residents plus numerous commuters who rely on Hoboken as a major transit hub in the tri-state area.

The attack caused widespread disruption across multiple city services, including the municipal court operations, citywide street cleaning services, email systems, city-wide Wi-Fi infrastructure, and various digital payment systems. The impact extended to most administrative services that required network access, significantly hampering the city's ability to serve its residents.

As of the Monday, 2nd of December 2024, the city has begun to restore some critical services. Municipal court operations and street cleaning services have resumed normal operations, while parking services have adapted by accepting manual payments through cash or checks. Services provided by third-party vendors, including parking permit sales, have remained operational throughout the incident.

City officials have implemented alternative processes for essential services while the restoration work continues, advising residents to use phone communications rather than email to contact city departments.

The identity of the threat actors responsible for the attack has not been disclosed by city officials, and the financial impact of the incident remains unknown.

Update - as of 5th of December 2024, the ransomware group ThreeAM (also known as 3AM) has been identified as responsible for the attack. The breach has affected every department in the city government, with stolen files dating back to 1987. The attackers gained access to a comprehensive range of sensitive data, including:

Social Security numbers
Driver's license information
Payroll records
Health information
Marriage certificates
Birth certificates
Death certificates
Medical test results
COVID-19 rental assistance applications from 2021 (containing applicants' personal information)
Personal files of city employees

City officials have confirmed that federal law enforcement is investigating the incident, though they have not disclosed whether affected individuals, particularly the 2021 rental assistance applicants, have been notified about their compromised information.

The ransomware group ThreeAM, which was first documented in September 2023, has not made their demands public, though security experts suggest the city likely received private ransom terms.

City of Hoboken, New Jersey hit by ransomware attack

Read More
Bladen County impacted by cyberattack, possibly data theft
Kaufman County, Texas suffers two separate data breaches …
Ransomware gang claims breach of New Horizons Medical
Frontier telecom hit by cyberattack, shuts down systems
Alberta Dental Service Corp reports data breach, exposing …