Augusta has been in contact with ransomware experts and a law firm specializing in data breaches since at least the weekend systems went down.
According to documents approved by the Augusta Commission Tuesday, General Counsel Wayne Brown retained the services of a law firm specializing in “data privacy events,” Mullen Coughlin LLC, which retained a firm called Charles River Associates.
The documents are dated May 23, the day Mayor Garnett Johnson confirmed city IT networks were the victim of “unauthorized access.” The agreements were ratified by the commission and signed by Johnson on June 6.
The documents all but confirm the existence of a security breach by the BlackByte ransomware group that resulted in the loss of city data that includes personally identifiable information.
BlackByte, an online group, claims responsibility for the attack on an auction site on the dark web.
Assumptions listed in the agreement with Charles River Associates are that “BlackByte has been identified” and that the firm is available to “acquire a copy of the ransom note.”
Other steps in its investigation include checking dark-market forums for stolen data, negotiating with the group and potentially making ransom payments using bitcoin.
Fees for Charles River’s services include up to $345,500 for the first three phases of investigation, plus travel expenses and the deployment of equipment. Further costs are to be determined.
Since a two-and-a-half-hour closed-door session that included FBI agents May 26, city officials have grown very quiet about the breach. Public Information Officer Danielle Hayes provided an update June 2 that Augusta has “executed a path forward to restoration” as well as a list of which services work and which don’t.
Both firms specialize in assisting companies or organizations with data breaches that result in the loss of large amounts of data, and class-action lawsuits that result from them.
