Germantown, Tennessee, hit by ransomware attack

The city of Germantown, Tennessee, experienced a ransomware attack on its internal on-site servers, which was first detected on Friday, 2nd of February 2024.

Upon discovery of the attack, Germantown's cybersecurity malware system was activated to mitigate the damage. The city isolated the affected servers and shut down all network computers. Temporary websites were established to facilitate utility and tax payments, although residents could still make payments in person at City Hall.

Despite the cyber incident, the city, located approximately 30 minutes from Memphis and with a population of 41,000, managed to restore its office phone lines by Monday 5th of February.

Germantown officials have assured that critical data involving finance, utilities, and payment systems were not compromised, attributing this security to the proactive decision to use cloud-based systems hosted off-site.

Despite minimal impact on the city’s operations, some services, including the issuance of permits and the processing of public records requests, may experience delays. Some WiFi services in government-operated facilities also remain unavailable.

The city has not disclosed specific details about the data on the impacted servers.

Emergency services, such as fire and police departments, including the city's 911 system, remain operational. The FBI is involved in investigating the incident, and incident responders are working on restoring the affected systems.