Don’t click on the links, don’t click on the links, don’t …

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems.
Lansing’s BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including phone servers locked down since then.
The company says customer data has not been stolen (only, as is the case in ransomware attacks, encrypted).

We also want to reassure everyone customer and employee data was not compromised.
— Lansing BWL (@BWLComm) April 28, 2016
The organisation posted an FAQ to Twitter saying that since credit card information is handled by a third party, customer payment information is also safe.

The interruption to its corporate operations means BWL will be adjusting its billing dates.

Here are responses to commonly asked questions we’ve received following the cyber incident that happened on 4/25.
— Lansing BWL (@BWLComm) May 2, 2016
It took until yesterday for BWL’s customer service lines to return to normal service.

Our main customer service line (702-6006) is now operating on normal hrs, M-F 7A to 6P. Please have patience as we expect longer wait times.
— Lansing BWL (@BWLComm) May 2, 2016
However, other systems have yet to return to normal.

BWL says it’s engaged incident response experts to help it recover from the ransomware attack.
The FBI and state police are investigating. ®

Rise of the machines