LOCAL

Rhode Island sewer-system operator hit by cyber attack

Paul Edward Parker
The Providence Journal

PROVIDENCE — The Narragansett Bay Commission, which runs sewer systems in parts of the metropolitan Providence and Blackstone Valley areas, was hit by a ransomware attack on its computer systems.

A spokeswoman for the commission acknowledged the attack in a Friday evening email to The Providence Journal.

"Last week, the Narragansett Bay Commission identified a cybersecurity incident that involved the encryption of data on certain computers and systems in its network," spokeswoman Jamie R. Samons said in the email.

While she did not specify a ransomware attack, such attacks typically involve hackers encrypting data on a victim's computer system and refusing to supply the key to decode the data until a ransom is paid.

More:Why RIPTA decided to pay $170,000 to hackers who broke into its computers

Samons did not reply to a follow-up email asking whether a ransom was paid.

She did note that the systems hit by the attack are not ones that control the operation of the sewage system.

"There has been no disruption to wastewater collection and treatment services," Samons wrote.

She said that law enforcement was contacted immediately.

More:Rattled by RIPTA breach that affected 22,000, lawmakers propose policy changes

It was unclear whether customer information was taken during the attack.

"If it is determined that anyone’s personal information was potentially subject to unauthorized access or acquisition in connection with this incident, Narragansett Bay Commission will promptly provide notice to those individuals in accordance with applicable law," Samons wrote. "Notably, Narragansett Bay Commission does not store payment information or Social Security numbers for any of its customers on its systems."

She said the commission is enhancing security measures on its systems, as well as training employees "concerning data security."