NEWS RELEASE

February 13, 2018

For Immediate Release

City Takes Precautionary Measures During Malware Attack

SAVANNAH, GA (February 13, 2018) — The City of Savannah is recovering from a malware attack, likely caused by an e-mail phishing scheme.

The virus was discovered Friday afternoon. The City’s Department of Information Technology (DoIT) has been working around the clock to contain and remediate the malware infection. As a precautionary measure DoIT staff has temporarily halted communication between City servers to limit the spread of the virus. While this is an inconvenience, it appears that the virus has not compromised any City data or damaged City systems. There has been some interruption to customer service in Recorder’s Court and Revenue as further precautions are taken to protect these systems. DoIT staff is working to minimize these interruptions.

In addition, the malware attack has not impacted public safety or affected the 911 Center’s ability to receive and dispatch 911 calls. The City’s Lawson software system which is used for the City’s finance, purchasing and payroll units was temporarily suspended Monday as another precautionary measure. That system was given an all clear today and was brought back online.

DoIT staff along with the City’s vendor partner Layer 3 Communications, which provides network services and security monitoring, are still working to identify the cause of the malware. They will be examining every individual computer to eliminate the virus.