Bay Area city shuts down municipal sites following cyberattack

The City of Hayward, California said it was forced to shut off its website and several online municipal portals in response to a cyberattack.

The city has more than 160,000 residents and is about 30 minutes away from Oakland and San Francisco. The U.S. Census includes the city in the San Francisco–Oakland–San Jose Metropolitan Statistical Area.

On Monday, city officials said they detected a cybersecurity incident and intrusion into its network on Sunday morning. As a precaution, they turned off access to the city’s public website and other services.

As of Monday afternoon, the city website is still down.

In another statement on a temporary website, the city said 911, emergency dispatch, police, firefighter and medical services are still operational.

“The City has no evidence of a breach of personal information of any employee or member of the public and is continuing to investigate the matter with the assistance of cybersecurity professionals,” officials said.

“If any data breach involving personal data is discovered, we will be in contact with the affected individual or individuals directly. Until further notice, community members and other members of the public should contact and otherwise conduct business with the City by telephone, mail or in person.”

The city said it will be providing updates on the situation through its social media channels and an e-newsletter.

City officials did not respond to requests for comment about whether it was a ransomware incident. Several cities across California have dealt with crippling attacks this year.

Oakland’s government was paralyzed for weeks after a ransomware incident that eventually necessitated help from the California National Guard and other state agencies. The city of Modesto – about an hour and a half away from Oakland – also dealt with a citywide ransomware attack at the same time that forced the police department to revert back to radios.

One month earlier, San Francisco dealt with a ransomware attack on its Bay Area Rapid Transit that later led to the leak of troves of sensitive information from the railway's police force. The San Bernardino County Sheriff's Department struggled with its own cyberattack that they said “involved malware.”