It is a sad irony that those who paid for Joplin city services by check — many of whom may have done so because they don’t trust digital payment methods — became victims of a “network security incident,” that crippled the city government’s computer and telephone systems last summer.
The system intrusion that occurred sometime between July 2-6 last year encrypted the city’s data and records, blocked access to information stored in the system, and temporarily disabled the city’s phone system.
The city recently revealed that information stored in city computers with the names and banking information of Joplin and Duquesne customers who paid by check between 2013 and 2021 was compromised in the attack. An insurer for the city paid a ransom demand of $320,000 intended to prevent the release of any personal information the hackers obtained from the system.
Let’s call it what it was: hacking. The ransomware attack involved the gaining of unauthorized access to data in a system or computer. That is the definition of hacking.
City officials initially had said that information about those who have city sewer and trash services were not endangered. Turns out, those who paid online or in cash were fine but not those who paid by check.
The digital incursion and the city’s response to it offers some lessons.
First, cybercrime affects everyone. Not only are businesses, utilities and governments at risk, even those who avoid computers and the internet are subject to personal damage by hackers. Defending against and going after hackers who commit these crimes is essential.
Second, while it is not surprising that new information would come to light as an investigation proceeds, the city has been less forthcoming than one would hope after an attack that put residents’ personal information at risk.
Officials must focus on providing the clearest, fullest accounting to the public as quickly as the investigation allows. Residents have the right to expect that public officials will communicate clearly and quickly, handling these matters openly and transparently.
Two good steps in that direction have been taken since the hack: The city established a $194,000 contract with a Kansas City cybersecurity firm to provide more protection for the city’s computer system and online functions, and city officials have put in place a dedicated call center to answer questions regarding the compromised information. That center can be reached from 8 am to 5:30 pm central standard time on weekdays at 1-855-651-2613.