Saint John settles $2M cyberattack insurance claim

CBC
·2 min read
Saint John was hit with a ransomware attack on Nov. 13, 2020. (PabloLagarto/Shutterstock - image credit)
Saint John was hit with a ransomware attack on Nov. 13, 2020. (PabloLagarto/Shutterstock - image credit)

Saint John will get at least $2 million from its insurance company in connection with a cyberattack more than three years ago that forced the shutdown of the city's website, email, and online services, such as payments, and knocked out the emergency services dispatch system.

Council voted this week to settle the claim with AIG Insurance Company of Canada for the full face value of the city's cyber policy, after discussing the matter during a closed committee meeting.

In November 2020, hackers demanded an estimated $17 million worth of Bitcoin to release the city's network.

The city opted instead to rebuild its network from scratch and launch a new website, estimated at the time to cost $2.9 million.

The city is continuing to work with AIG on settling the property portion of the claim under the property policy, Stephanie Rackley-Roach, chief information officer, told CBC News.

Communications manager Erin White said the city is unable to provide any other information until next week, "when more details related to the claim are available to share."

'A relief'

Mayor Donna Reardon said it's "a relief to have the money."

"It's quite an expense to rebuild the system, so it certainly helps with that," she said Thursday, unable to immediately provide any specifics.

"And it's nice to know that the insurance that we bought, you know, did come to fruition at the end of the day for us."

Saint John Mayor Donna Reardon say's it's important to good work recognized by the rest of the community.
Saint John Mayor Donna Reardon say's it's important to good work recognized by the rest of the community.

Saint John Mayor Donna Reardon says cyber insurance was money well-spent for the city. (Hadeel Ibrahim/CBC)

It's been a lengthy process and "a lot of work," said Reardon, but the new system is "far more secure," and everyone at city hall is far more aware of online dangers.

"We've all had, you know, quite an intense education on cyber security."

'Phishing,' not 'fishing'

Three years ago, Reardon had never heard of "phishing" — "other than the old-fashioned kind … in the river."

"I'm not the techiest person in the world."

But she knows now, for example, to be on the lookout for suspicious emails, spellings or language before clicking on any links.

"'You've got a refund from Revenue Canada, click here.' You know the UPS [message] that comes all the time about my package that hasn't been delivered. I don't even order from Amazon, that much," she said.

City staff are also encouraged to leave their smartphones and iPads at home when they travel, especially outside the country.

"It should all stay in the city and on our regular network."

"You have to be so careful," said Reardon. "It's a criminal industry, and they're making a fortune."

AIG officials did not immediately respond to a request for comment.

  • Up next
  • Up next
  • Up next
  • Up next

Latest Stories