Southold Town’s computer systems remain crippled more than a week after a cyber attack — forcing police to write reports by hand.
The incident, first detected around 6 a.m. Nov. 24, has shut down email and locked up public access to decades of town records as officials hunt for the culprit.
The town’s Information Technologies Department worked through the Thanksgiving break to find a fix but there is no timeline for restoration, Supervisor Al Krupski told The Suffolk Times on Monday.
No security concerns tied to the “cyber incident” have been determined, he added. When asked about the last time the town’s IT department was evaluated for security risks, Mr. Krupski said he didn’t know.
Town computers were unplugged and scanned for any viruses under the direction of the IT department.
The county and the state have sent equipment to Southold while the computers are down, supplying laptops and printers where needed.
“What we’re trying to figure out here is how much do we have to set up and kind of cobble together versus how long is that period going to be,” Mr. Krupski said. “And that’s been the constant discussion here all weekend.”
Emergency services have been unaffected by the cyber incident, with 911 and Southold Police Department administrative systems “functioning normally,” according to Police Chief Steve Grattan.
However, officers have had to take reports and issue tickets by hand in the interim with car-based systems down. They have also had to call in to dispatchers to have any driver’s license data run in-house.
“We’re adapting and hoping that with each passing day as they continue to work on getting us restored, that more and more becomes available to us so we can resume normal operations,” Chief Grattan told the Suffolk Times on Monday.
Email and the town’s Laserfiche records system have been the hardest hit, Mr. Krupski said. Vital records on the Laserfiche website are backed up, as far as the town supervisor is aware.
“We still have some tools available so we’re able to do the agenda, we’re still forging ahead with what we have,” said Mr. Krupski, who will hold a public hearing Tuesday night.
“Certainly the phones work, the (town) website is up. So it’s just, the emails are one of the bigger factors in operating.”
With email down, residents needing town services should call 631-765-1800 or visit in person.
Suffolk County went through a similar nightmare three years ago. In September 2022, a ransomware attack hit county systems and stole a “significant amount” of data — budgets, credentials, passwords, according to the county Legislature’s Special Cyber Intrusion Investigation Committee report released last year.
The hackers posted personal information of residents, employees and retirees on the Dark Web, including Social Security and driver’s license numbers. State contracts and Suffolk County Court records were also revealed on the Dark Web after the breach.
The costs of response and remediation tied to the attack were around $25 million, according to the 2024 report. The special committee found that insufficient coordination between the county’s IT teams and the absence of a cyber-attack response and recovery plan “significantly hindered the county’s ability to respond.”