Augusta online services remain limited since a May 21 outage, and the city denies being in communication with a ransomware group.
However, the group BlackByte is selling a set of city data for $300,000, according to its auction site on the dark web. To delete the information, BlackByte wants $400,000.
The site, accessible using the Tor browser, shows sample pages from the stolen data that include a board of elections job description created by the Archer Company, lists of vendor names and contact information, IT capital requests and a maintenance schedule. It’s clearly Augusta data, although not confidential information.
The data breach site Suspectfile claims it downloaded a 10-gigabyte “proof of data” file from BlackByte and describes and shows screenshots of what it contained.
The sample shows files such as Augusta E911 wireless configuration and the names and passwords for wireless networks. It shows a dozen wifi sites, with IP addresses, at Augusta Regional Airport, and lists the account numbers of 50 Comcast accounts at city facilities. It contains the contact information for 132 homeless people, employee medical and health coverage information as well as a city network administrator’s health records, social security number and date of birth, along with those of his family members.
Suspectfile claims the same network administrator committed “negligence and errors” that allowed the theft. Augusta IT has three employees with that title.
City Public Information Manager Danielle Hayes sent a news release at 5:36 p.m. providing an update. After a 90-minute closed session Friday, Mayor Garnett Johnson said Hayes, who works from the city administrator’s office, would be the sole point of contact for information about the breach.
“It remains the case that Augusta is not in communication with the cybercrime group that has claimed responsibility for this incident,” the release stated.
Augusta has not determined if “sensitive personal information may have been impacted” by the breach.
Augusta IT “has executed a path forward to restoration,” it said.
Meanwhile, the release provided an update on services “functioning and available” currently.
Augusta 311 is accepting calls, although automated call routing systems had been affected by the outage.
Augusta Transit bus service remains in operation, and garbage pickup continues.
In the area of public safety, “all essential functions are operational,” specifying 911, Augusta Fire Department and Animal Services. Fire services had switched to manual dispatching earlier in the outage.
In a tweet last week, Johnson said he visited the Charles B. Webster Detention Center regarding issues with booking and releasing prisoners caused by the breach. The Richmond County Sheriff’s Office inmate search hasn’t functioned since the breach. Judges have said court functions are impaired.
All Augusta Planning and Development services, such as submitting site plans or rezoning requests, must be conducted in person.
The release lists employee payroll and vendor payments as one of the functioning services.
The Richmond County Tax Commissioner’s Office is currently only processing motor vehicle transactions, which must be conducted in person at the main office or at kiosks at the South Augusta Tax Office or Washington Road Kroger.
The tax office is “not processing property taxes,” it said. Most property tax bills went out and were due last fall.
