No Fulton residents’ info leaked by hackers

Many phones are working again, he said. The water-bill payment system is back online, and work continues on the “big three” systems: tax offices, the courts, and the internal employee system, Anderson said.

Election systems, though temporarily taken offline out of caution, were not affected; and early voting is underway for the March 12 presidential primary, he said.

Anderson hopes all computer systems will be restored within the next month. For those functions still down, county offices — especially the judicial system — have gone back to paper or are using other work-arounds.

The county is working on a case study of “lessons learned” from the attack and response, which it plans to share with other governments and the public, Anderson said.

The LockBit ransomware group claimed responsibility for the Fulton cyberattack, setting a countdown timer on the dark web that displayed some stolen county documents and threatened to release far more if an unspecified ransom wasn’t paid.

LockBit has targeted thousands of governments and companies with ransomware attacks, and an international law enforcement crackdown Feb. 19 took down the group’s website. Police agencies also seized computer servers and cryptocurrency accounts.

Although the takedown was not a direct response to the Fulton County hack, it apparently cut off the hackers’ access to stolen Fulton data. LockBit put up a new web page and set another countdown threat, but that Thursday deadline passed with no document release.

After the deadline expired, Commission Chair Robb Pitts said neither the county nor anyone on its behalf paid any ransom.