In March, Franklin, Tennessee became the target of a significant cyberattack, raising serious concerns about the safety of employees' personal information. As the city has remained silent about the breach, many employees are left questioning whether their data has been compromised.
The incident came to light following a dialogue with the Trigona ransomware group, which revealed their involvement in the attack. During a recent engagement, a spokesperson for Trigona asserted that they had successfully infiltrated the city’s network and referenced possessing sensitive data. "We have exfiltrated more than 425 GB of files, including most employees' passwords and information," the spokesperson stated.
"We have exfiltrated more than 425 GB of files, including most employees' passwords and information,"
In response to the alarming claims made by Trigona, DataBreaches reached out to Jason Potts, the IT Director for Franklin. On May 8, a message was left for Potts, alerting him that potential attackers had access to the city network and were preparing to launch ransomware. Despite these urgent communications, the city provided no public acknowledgment of the attack, nor did they respond to inquiries from DataBreaches.
In an effort to raise awareness, DataBreaches also reached out to CISA (Cybersecurity and Infrastructure Security Agency). However, whether CISA took action following this exchange remains unclear. "We received an acknowledgment of the initial contact, but were later informed that the matter was closed due to no further action being required on their part," a representative from DataBreaches reported.
"We received an acknowledgment of the initial contact, but were later informed that the matter was closed due to no further action being required on their part,"
Race Results
The cyberattack's ramifications extend beyond mere data theft. Trigona provided evidence suggesting that the attack resulted in sensitive security information being accessed, including lists of login credentials. Despite the inability to verify every claim made by Trigona, the evidence included recognizable usernames associated with Franklin's city employees.
Among the concerning details was an Excel file revealing a paralegal's answers to security questions, exposing personal information such as her first job location and her spouse's city. "This breach not only endangers personal data but highlights a troubling pattern of password reuse across several city accounts," warned a cybersecurity analyst reviewing the incident.
"This breach not only endangers personal data but highlights a troubling pattern of password reuse across several city accounts,"
By the Numbers
In addition to staff credentials, other files leaked from Trigona contained data related to the city's police and fire departments, including officer names, ranks, and personal contact numbers. “There should be a document with full information about each policeman and commando,” a Trigona spokesperson commented, hinting at more extensive data that remains undisclosed.
As the conflict unfolded, insiders disclosed that the attack reportedly started around March 10, with claims that the IT department discovered the unauthorized access and terminated the breach approximately a week later. It is still unclear how much damage was inflicted or how many employees' data might be exposed.
Local employees express concern over the lack of clarity from city officials regarding the incident. Many feel that without proper communication, their personal security could be compromised.
Impact and Legacy
"There needs to be transparency about what data has been affected and how it may impact us," stated one employee. The prevailing sentiment among staff is an urgent need for the city to provide more concrete information regarding the extent of the data breach and any necessary steps for those at risk.
"There needs to be transparency about what data has been affected and how it may impact us,"
Without significant clarity or public statements from city officials, it remains uncertain how Franklin will move forward in addressing the fallout from this breach. However, it’s evident that the implications of this cyberattack are profound, and many employees continue to grapple with concerns over their personal information potentially falling into the wrong hands. As organizations increasingly face cyber threats, robust communication and proactive measures become critical to safeguarding sensitive data.
