Medfield paid hackers a $300 ransom to ‘unlock’ the town’s computer network, which was shut down for a week, according to a statement released by Town Manager Michael J. Sullivan’s office.
Hackers gained access through ransomware attached to an email, the town said, and then encrypted most of the town hall files by launching the malicious program on Jan 25. The municipal computer system was down until Feb. 1, according to the statement.
The town made several attempts to unlock or restore the files, but the ransomware had infected the town’s backup system as well. After consulting police, other towns, and its antivirus protection firm, it was decided that paying the ransom demanded by the hackers was “the most expedient option,’’ according to the statement.
Medfield paid the hacker one half of a bitcoin, which is equivalent to $300. Medfield paid the ransom on Jan. 26. Once paid, the hackers provided the town with a software key to unlock the files.
“This was not a data breach and no files were removed from the system,’’ the town said.
Some sensitive files weren’t affected by the attack. Payroll and employee information is managed by a vendor, and school department records are kept on a separate server, according to the statement.
The town’s IT department has been “working around the clock’’ to ensure this type of threat doesn’t happen again by taking steps such as removing all mapped drives and further restricting access to USB drives, said the town.