News

Cybersecurity task force investigating targeting of city's personnel data

By Lightning Reports, Published: November 30, 2023

The city of Hendersonville recently learned that it was a victim of a cybersecurity incident, City Manager John Connet said in a statement Wednesday.

Here is Connet's statement in full:

"Shortly before the Thanksgiving holiday, a threat actor group targeted software used to manage employee data. Upon learning of the issue, we began actively working with the North Carolina Joint Cybersecurity Task Force, as well as other local, state and federal law enforcement. We have also launched an investigation with third party cybersecurity professionals who regularly analyze these types of incidents.
"We are assessing the extent of any compromise of information as a result of this incident. We are taking this matter very seriously and continue to take significant measures to protect the information in our control. Based on our preliminary investigation, we have determined that the unauthorized party likely accessed the system and gained access to certain employee data for individuals hired before Jan. 1, 2021. We believe the impact did not extend to other systems or customer data.
"Understand that our priority is the safety and security of government employees who work diligently to serve our community each and every day. We are committed to addressing the situation quickly and responsibly, by collaborating with legal counsel, technical experts, and cybersecurity professionals. At the conclusion of our investigation, we will directly contact individuals whose protected personal information may have been specifically impacted."