Plainfield cyber attack: What's been recovered and what's still lost, thanks to hackers?

PLAINFIELD – The town’s police department has regained access to an online state and national law enforcement database that was blocked by a crippling March cyber attack.

Deputy Chief Will Wolfburg said on Monday the department can now tap back into the Connecticut On-Line Law Enforcement Communications Teleprocessing, or COLLECT, system.

More than 180 local, state and federal agencies feed information into that system, which allows police departments to retrieve information from a pair of in-state and two national databases: the National Crime Information Center (NCIC) and International Justice and Public Safety Information Sharing Network (NLETS).

Locally, the COLLECT and NCIC systems are regularly used by police to check the status of individuals and vehicles during the course of a call, Wolfburg said.

Computer server room at Plainfield Police Department headquarters.
Computer server room at Plainfield Police Department headquarters.

“We run a vehicle to see if it’s been stolen and the status of a driver, like if there are any active warrants or protective orders issued for people in a vehicle,” he said. “Since the (cyber attack), we’ve had to rely on Putnam and state police to do those kind of informational searches for us, but now we’re back to being self-sufficient in that area.”

Putnam police Chief Christopher Ferace said helping out Plainfield didn’t entail a lot of extra work for his folks.

“But it doesn’t matter if it did,” he said. “No matter how much work it takes, you do what you have to help out a neighboring department.”

In mid-March, hackers gained access to police and town hall computer systems, encrypting files and holding the data hostage as part of a demand for $199,000 in bit coin. The “ransomware” attack affected phone lines, laptops, records’ systems and a host of other components.

Wolfburg said all the department’s phone lines are back up, as is its email system and officer body camera capabilities. There was concern those cameras would be rendered useless as they filled up with footage without a place to store it.

“We still can’t do electronic fingerprinting – which mainly affects our ability to conduct pistol permit and employee hiring requests – and our records system is still inaccessible,” he said.

The department was poised to shift to a new records system when the attack occurred. The incursion and subsequent data encryption means years of report data and contact and call information – including if a resident has a history of mental health issues or not cooperating with officers - is essentially lost and will have to be re-added from the ground up.

Wolfburg said detectives were also forced to revisit several open investigations as computer-stored statements, reports and other information garnered during the normal course of a criminal inquiry are still inaccessible.

“In some cases that meant conducting new interviews and retyping reports,” he said. “So, instead of six open cases, that means there are 12 now to handle.”

Even though no ransom is expected to be paid to the hackers, officials said there’s not much more damage that can be done going forward as the encrypted data was not exported.

Are other Plainfield town departments recovering from the cyber attack?

First Selectman Kevin Cunningham previously said it will cost about $300,000 to upgrade 65 affected computers, as well as to add new security measures - including anti-virus protection and dual-authorization for email access - and to conduct internet security training sessions for employees.

Cunningham said several off-site departments – highway, sewer and animal control – were slated by end-of-day Monday to be fully back online. He said a “punch-list” of various recovery tasks was rapidly shrinking at town hall.

“We have two outside companies helping us out and the finance department, which had a lot of back-filling of files to do, has been staying late and coming in on weekends to get that work done,” he said. “We’re still working to re-establish connectivity to the state’s network.”

Cunningham said an engineering firm the town works closely with had a trove of town maps on file they were able to forward.

“We thought we’d lost all that,” he said.

Officials have not said how exactly the hackers slipped into the municipal system.

“We don’t think the hackers knew they were hitting a town or police department in the first place,” Wolfburg said. “They hit hundreds of systems and don’t check in daily to see what’s being done at any particular place. They’re looking to make a quick buck and want to know – yes or no – if they’re going to get paid.”

John Penney can be reached at or at (860) 857-6965

This article originally appeared on The Bulletin: Most Plainfield police systems up again after cyber attack