Upper Merion Township in Pennsylvania confirmed a data breach that occurred in December 2023, impacting sensitive personal information of residents. The breach was detected on December 27, 2023, when malware infiltrated the township’s network, allowing an unauthorized party to access or acquire data. While the township has not disclosed the total number of affected individuals or the specific data compromised, it has begun offering free credit monitoring services, suggesting the data could be used for identity theft. This move highlights the seriousness of the breach and the potential risks posed to affected residents.
The ransomware group Qilin claimed responsibility for the attack, alleging that it stole 500 GB of data, including private contracts, emails, and financial documents. They released a “proof pack” containing a sample of the stolen files, but Upper Merion has not officially verified the claims made by the group. This leaves the full extent of the breach uncertain, including whether or not the township paid a ransom or how the attackers initially gained access to the network. The township has refrained from sharing further details about the incident’s exact nature and scope.
In response to the breach, Upper Merion Township experienced disruptions in its network, email, and phone systems, which were communicated to the public through a Facebook post on December 28, 2023. Officials indicated that certain services were disconnected from the internet to prevent further damage and exposure. The township also took steps to investigate the incident and work with third-party cybersecurity experts to assess the breach’s impact and protect sensitive information from further misuse.
As of September 30, 2024, it was confirmed that 2,961 residents were affected by the data breach. While the township has not fully disclosed the specifics of the compromised data, it is taking steps to ensure better security moving forward. The investigation remains ongoing, and Upper Merion Township is committed to providing additional information and support to those affected as new details emerge.
Reference:
