The offices of local Atlanta City Council members are still reeling from a loss of information and data caused by a March 22 cyber attack on the city’s systems, which has left residents unable to pay tickets or water bills. The city is working with federal partners and consultants on restoring systems and strengthening security, following the attack, where hackers encrypted files and demanded a ransom to unlock them.

The city has taken some steps toward recovering. Employees were allowed to turn back on computers, and the Hartsfield–Jackson Atlanta International Airport restored its public Wi-Fi. But some resident applications are still down, including the Atlanta Police Department’s online crime database.

Atlanta City Councilmember Howard Shook.

All three computers in District 7 Councilmember Howard Shook’s office used by him and staff members had to be discarded. The attack wiped out most of his files and contact list that he has built over his 17 years as a city councilmember.

“The three of us have had to try to get by on these elderly laptops,” he said, of their transition-period computers. Shook doesn’t believe he has received every email sent to him since the cyber attack began, but his email is now operating as normal and he receives emails from residents, he said.

Workers will remove the data from the decommissioned computers and transfer what they can recover onto the new computers, he said.

“There is a slight chance some of the data might be recovered,” Shook said.

District 8 Councilmember J.P. Matzigkeit said his office was affected by the attack, but he did not have much to lose. Matzigkeit took office in January, so did not have an extensive contact list and email log like Shook or other long-serving councilmembers, he said.

“My staff lost a lot more than I did,” he said.

Matzigkeit said his email functions have not been affected and can still receive emails from residents.
Consultants have been brought in to help advise the city on the situation. Shook expects some of the recommendations to be stronger passwords and more restrictions on opening attachments.

“I think we’re going to have a new normal,” he said.

The city does not yet know how much the infrastructure improvements and repairs will cost, Shook said.

“It will take investment, but we will be better for it,” Matzigkeit said.

Atlanta City Councilmember J.P. Matzigkeit.

Shook said he is confident the city will learn from the mistake and make the changes necessary to ensure an attack won’t succeed again.

“Hopefully, other governments and businesses will use this as a teachable moment and protect themselves,” he said.

Matzigkeit said he has been impressed by the way the mayor and city have handled the situation.

The attack has caused outages in internal systems, including some that customers may use to pay bills or access court-related information, the city said.

The Department of Watershed Management cannot process any bill payments online or over the phone. Payments have to be made in cash. The Municipal Court also could not process any ticket payments. The city has suspended late fees until all systems are restored.

Atlanta Police Chief Erika Shields said, out of caution, officers had reverted to filing reports on paper. The system used to operate the crime database could also not be accessed as late as April 10, but the department was hopeful to have that system restored by that week. The database is used to send a list of crime reports to NPUs and other groups. It is also used by the Reporter to compile the police blotter.

Wi-Fi was disabled at the Hartsfield–Jackson Atlanta International Airport out of caution, but was turned back on after 10 days.

Residents can use the city’s hotline, ATL311, to submit emergency water and sewer service requests or requests for other repairs.

The city has not found any evidence that employee or resident data was compromised. However, the city is encouraging residents to continue to monitor their bank accounts for any strange activity.