Albany, N.Y. hit with ransomware attack, mayor says

Most city services are available to the public, Mayor Kathy Sheehan said, but there are conflicting reports on the attack's impact on police.
Albany, NY
Getty Images

The city of Albany, New York, suffered a ransomware attack last week, though city officials said most municipal services are still accessible to residents. Mayor Kathy Sheehan made news of the cyberattack public in a tweet Saturday.

“We are currently determining the extent of the compromise,” she wrote. “We are committed to keeping you informed and will provide updates as they become available.”

On Sunday, the mayor issued a brief update, writing that “all city services will be available to the public” with the exception of vital records like birth and death certificates and applications for marriage licenses. City employees were expected to report to work at the usual time Monday, with municipal buildings opening to the public at noon.

Other details about the ransomware attack are slim. Officials did not specify the name of the malware that struck the city, or the ransom amount demanded. Sheehan’s spokesman, Brian Shea, said he could not comment on details of the attack, instead referring StateScoop to a screenshot of the mayor’s Sunday evening tweet.


With the attack, Albany joins a frequently expanding list of small and midsize cities and counties that have fallen prey to ransomware. Last month, rural Jackson County, Georgia, paid $400,000 to regain access to its government computer systems after being attacked by Ryuk malware. Orange County, North Carolina, reported last month that it was able to quickly recover from a ransomware attack without paying up. And in January, officials in Akron, Ohio, took several city services offline amid a major winter storm after detecting ransomware activity on their network. (It was later revealed Akron was dealing with the Emotet trojan horse malware, which is often used as a delivery system for the costly Ryuk ransomware virus, according to Duo Security.)

While Sheehan’s office said the extent of the Albany ransomware attack has been contained to the records and marriage-certificate offices, there are conflicting reports of whether the incident extended to the city’s police department. In a Facebook post early Sunday, Gregory McGee, the vice president of the Albany Police Officers Union, wrote that officers have been cut off from email, shift scheduling programs and the incident-reporting software used by computers inside patrol cars.

“What this all means for the residents of the City of Albany is that at the start of each shift, it is unknown who is working and what manpower the department has,” McGee wrote. “Calls for service may take longer than expected to complete due to the fact officers do not have the tools at hand to provide the appropriate level of service.”

Shea disputed McGee’s claims.

“Service from the Albany Police Department was not disrupted as a part of this incident,” he said.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts