Letter from Bar Harbor Town Manager Regarding Cyber Security Breach

Following the Cyber-security breach in Bar Harbor affecting the Town of Bar Harbor on Wednesday, July 30, Bar Harbor Town Manager, James Smith has released the following letter.

The Town Offices were closed on Thursday, July 31st and Friday August 1st following the detection of the security breach.

The Town of Bar Harbor has taken swift and coordinated action to secure municipal infrastructure, protect sensitive data, and begin a comprehensive review of the incident.

Town staff acted immediately to protect critical public services by creating what is known as an air gap. This means we physically disconnected key systems from the broader network to keep them isolated and secure. This included our Supervisory Control and Data Acquisition (SCADA) Systems. These are the control systems used to monitor and control essential operations at our Water and Wastewater treatment facilities.  Town staff were able to ensure that they remained fully operational and uncompromised throughout this event.

At the same time, staff have worked to secure critical public safety systems including communications and data used by police, fire, and EMS; these services continued without significant disruption.

Acting in an abundance of precaution, our Finance Department froze all existing municipal bank accounts and is establishing new accounts with isolated access controls. Although security measures were already in place following a separate incident earlier this year, we felt it was prudent to take further additional steps to protect all financial activity. Vendors who receive recurring payments or make deposits have been contacted in order to ensure a smooth transition.

Employees have been notified out of caution in the event any personal information may have been exposed; the full scope and nature of any such exposure remains under investigation.

To lead the evaluation and recovery effort, the Town engaged CrowdStrike, a nationally recognized cybersecurity firm, to conduct a 3^rd party independent forensic audit of our system.  This will allow us to determine how the breach occurred and what specific information may have been compromised. Staff also brought in two experienced local IT professionals to assist in reviewing and strengthening our systems prior to bringing them back online. Our insurance provider has been notified; as was the FBI.

To date, we have not detected any malware or viruses; no files have been encrypted, deleted, or locked out; and no municipal funds have been lost. These are all encouraging signs that our prompt actions helped contain the situation effectively.

We will provide additional updates as needed. We thank our residents, employees, and community partners for their continued patience and support as we complete the final steps in system restoration and verification.

Get our free mobile app