Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied
The City of Hamilton will be on the hook for the more than $18 million it has cost to recover from a ransomware attack after their insurance claim was denied.
In an update presented to a city committee on Wednesday, staff said that its insurer denied the claim for reimbursement of costs related to the February cyberattack because multi-factor authentication had not been fully implemented for online services when the attack happened.
Staff said Hamilton obtained a third-party to review the coverage denial, but the review found the denial aligned with the policy.
The total cost incurred to recover from the attack so far is $18.3 million, according to a staff report. The city says more than $14 million of that amount has been paid to external experts while more than $1 million each has been put towards infrastructure, staffing, and other related costs.
'I understand why Hamiltonians are frustrated - this was a serious and costly breach,' said Mayor Andrea Horwath in a news release on Wednesday.
'We expect our public systems to be strong, secure, and dependable. This incident highlights that the city fell short of that standard - and we're not okay with that.'
The attackers disabled nearly 80 per cent of the city's network and demanded a ransom of roughly $18.5 million in exchange for a decryption tool to unscramble the data, the update revealed.
The ransom was never paid because the city said doing so would have increased 'risk and financial exposure.'
'This was in the best interests of Hamiltonians, aligned with guidance from third-party experts and law enforcement, and is consistent with industry best practices,' City Manager Marnie Cluckie said in the release.
'We are rebuilding our IT systems and infrastructure in a financially responsible way, applying what we've learned to strengthen cybersecurity and improve service.'
Additionally, the city said no one's personal or health data was impacted or accessed during the breach.
Most of the affected systems have been successfully recovered or rebuilt, according to the city.
However, they say a limited number of services, including the finance business management application suite, development and permit applications and licensing, fire department records management, public health inspection application, traffic signal systems management, museum collections management solution and the utility locates application, were unrecoverable.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Winnipeg Free Press
5 minutes ago
- Winnipeg Free Press
Vancouver home sales tick 2% lower in July with market ‘turning a corner': board
VANCOUVER – Vancouver-area home sales were down two per cent in July compared with last year, as the city's real estate board says it continues to believe the market is showing early signs of recovery. Greater Vancouver Realtors says residential sales in the region totalled 2,286 last month, down from the 2,333 sales recorded in July 2024 and 13.9 per cent below the 10-year seasonal average. The board's director of economics and data analytics Andrew Lis says the figures confirm that the market has turned a corner after months of slow activity spurred by the Canada-U.S. trade war. Year-over-year sales were down around 10 per cent in June, roughly half of the decline recorded in May. There were 5,642 newly listed properties on the market in July, a 0.8 per cent increase from last year, as total active listings rose 19.8 per cent year-over-year to 17,168. Monday Mornings The latest local business news and a lookahead to the coming week. The composite benchmark price in July was $1,165,300, down 2.7 per cent from a year earlier and 0.7 per cent lower than June. This report by The Canadian Press was first published Aug. 5, 2025.
CTV News
5 minutes ago
- CTV News
Northern Ont. man denied Canadian residency because he worked for Ukrainian secret police
While denying him permanent residency, immigration officials said there 'is no evidence that Oleksandr Zahrebelnyi personally engaged in acts of subversion.' (File) A man who came from Ukraine to North Bay, Ont., in 2017 has been denied permanent residency in Canada because he was a former member of the Ukrainian Secret Service, known as the SBU. Oleksandr Zahrebelnyi was open about his role with the SBU when he applied for permanent residency, the Federal Court said in a decision dated July 29. Zahrebelnyi left the SBU and opened a meat processing plant in Ukraine in 2016. 'As conditions in Ukraine deteriorated, he opened a meat processing plant in North Bay … with two business partners and obtained a Canadian work permit in the entrepreneur/self-employed category,' said the court's decision. 'His spouse and three children eventually joined him in Canada.' 'The officer who refused his application acknowledged at several points in the decision that there is no evidence that (Zahrebelnyi) personally engaged in acts of subversion or had any knowledge of such acts perpetrated by the SBU.' — Federal Court decision The Federal Court ruling made it clear that Zahrebelnyi 'is not alleged to carry personal responsibility for committing acts of subversion or any other bases for inadmissibility to Canada.' 'His inadmissibility results from his admitted service and employment with the … SBU between 1998 and 2011,' the decision said. 'The officer who refused his application acknowledged at several points in the decision that there is no evidence that (Zahrebelnyi) personally engaged in acts of subversion or had any knowledge of such acts perpetrated by the SBU.' In a statement to CTV News, Zahrebelnyi said the decision to reject his application was 'unfair and unjustified.' 'It is very difficult to maintain and make any strategic decisions for the business, when the life of my family is in 'limbo,'' he said in an email. His business was thriving Zahrebelnyi employed 20 people at Canada Meat Group in North Bay, and had plans to hire as many as 150 people in an expanded operation, as reported by CTV News in 2022. But those plans were shelved in 2024. The decision to deny him permanent residency in Canada on humanitarian and compassionate grounds under the Immigration and Refugee Protection Act was made on April 10, 2024. The immigration official denied his application on the basis that Zahrebelnyi had been a member of the SBU, which had been 'engaging in an act of subversion against a democratic government, institution or process as they are understood in Canada.' He appealed that decision and said that the denial had a major negative impact on his family and his business. The appeal said the official misinterpreted the meaning of 'subversion' and the more than four years it took to make a decision was an abuse of process. However, the immigration official handling the case ruled that membership in an organization 'that has engaged in subversion against a democratic government, institution or process' was sufficient grounds to deny the application. 'Subversive' actions 'After a detailed analysis, the officer concluded that the SBU was engaged in political repression, obstruction of the media, and election fraud throughout the period of (Zahrebelnyi's) involvement with the SBU,' the court decision said. A central issue of the appeal was the interpretation of the word 'subversive.' The immigration officer interpreted the word as including actions to maintain the status quo in Ukraine, as opposed to actions that accomplish change. The goal of the law is 'the protection of Canadian democracy through the denial of admission to those who have posed a threat anywhere to democratic governments, institutions or processes as they are understood in Canada,' the court said. 'This goal is served by including organizations which may not be internally democratic but are democratic in function, as understood in Canada.' Those organizations include the free media, the electoral process and opposition parties. The intent of the SBU was, in part, to actively repress these groups. The immigration officer provided internet links that showed the SBU 'illegally surveilled and interfered with Ukrainian parliamentarians in the early 2000s.' Other links showed that agents were hired to collect information on investigative journalists 'that threatened the interest of the political and economic elites.' The appeal also argued that the length it took to get a decision was unreasonable -- more than four years after Zahrebelnyi made the application in 2020 -- and amounted to an abuse of process. But the Federal Court ruled that there was 'insufficient evidence that it was characterized by the disruption to family life, loss of work, business opportunities or severe psychological harm that would amount to an abuse of process.' 'In the present case, while there is evidence of anxiety caused by the delay, the other consequences are the result of the unfavourable result of the investigation into the principal applicant's inadmissibility rather than the delay itself,' the decision said. Read the full decision here.
Globe and Mail
5 minutes ago
- Globe and Mail
Keysight Automated Test Solution Validates Fortinet's SSL Deep Inspection Performance and Network Security Efficacy
Keysight Technologies, Inc. (NYSE: KEYS) announces that Fortinet chose the Keysight BreakingPoint QuickTest network application and security test tool to validate SSL deep packet inspection performance capabilities and security efficacy of its FortiGate 700G series next-generation firewall (NGFW). BreakingPoint QuickTest is Keysight's turn-key performance and security validation solution with self-stabilizing, goal-seeking algorithms that quickly assess the performance and security efficacy of a variety of network infrastructures. This press release features multimedia. View the full release here: Keysight's BreakingPoint QuickTest simplifies application performance and security effectiveness assessments with predefined test configurations and self-stabilizing, goal-seeking algorithms to deliver relevant, up-to-date test scenarios with real-world applications. Enterprise networks and systems face a constant onslaught of cyber-attacks, including malware, vulnerabilities, and evasions. These attacks are taking a toll, as 67% of enterprises report suffering a breach in the past two years, while breach-related lawsuits have risen 500% in the last four years. Fortinet developed the FortiGate 700G series NGFW to help protect enterprise edge and distributed enterprise networks from these ever-increasing cybersecurity threats, while continuing to process legitimate customer-driven traffic that is vital to their core business. The FortiGate 700G is powered by Fortinet's proprietary Network Processor 7 (NP7), Security Processor 5 (SP5) ASIC, and FortiOS, Fortinet's unified operating system. Requiring an application and security test solution that delivers real-world network traffic performance, relevant and reliable security assessment, repeatable results, and fast time-to-insight, Fortinet turned to Keysight's BreakingPoint QuickTest network applications and security test tool. Using BreakingPoint QuickTest, Fortinet validated the network performance and cybersecurity capabilities of the FortiGate 700G NGFW using: Simplified Test Setup and Execution: Pre-defined performance and security assessment suites, along with easy, click-to-configure network configuration, allow users to set up complex tests in minutes. Reduced Test Durations: Self-stabilizing, goal-seeking algorithms accelerate the test process and shorten the overall time-to-insight. Scalable HTTP and HTTPS Traffic Generation: Supports all RFC 9411 tests used by NetSecOPEN, an industry consortium that develops open standards for network security testing. This includes the 7.7 HTTPS throughput test, allowing Fortinet to quickly assess that the FortiGate 700G NGFW's SSL Deep Inspection engine can support up to 14 Gbps of inspected HTTPS traffic. NetSecOPEN Security Efficacy Tests: BreakingPoint QuickTest supports the full suite of NetSecOPEN security efficacy tests, including malware, vulnerabilities, and evasions. This ensures the FortiGate 700G capabilities are validated with relevant, repeatable, and widely accepted industry standard test methodologies and content. Robust Reporting and Real-time Metrics: Live test feedback and clear, actionable reports showed that the FortiGate 700G successfully blocked 3,838 of the 3,930 malware samples, 1,708 of the 1,711 CVE threats, and stopped 100% of evasions, earning a grade 'A' across all security tests. Nirav Shah, Senior Vice President, Products and Solutions, Fortinet, said: 'The FortiGate 700G series next-generation firewall combines cutting-edge artificial intelligence and machine learning with the port density and application throughput enterprises need, delivering comprehensive threat protection at any scale. Keysight's intuitive BreakingPoint QuickTest application and security test tool made our validation process easy. It provided clear and definitive results that the FortiGate 700G series NGFW equips organizations with the performance and advanced network security capabilities required to stay ahead of current and emerging cyberthreats.' Ram Periakaruppan, Vice President and General Manager, Keysight Network Test and Security Solutions, said: 'The landscape of cyber threats is constantly evolving, so enterprises must be vigilant in adapting their network defenses, while also continuing to meet their business objectives. Keysight's network application and security test solutions help alleviate the pressure these demands place on network equipment manufacturers by providing an easy-to-use package with pre-defined performance and security tests, innovative goal-seeking algorithms, and continuously updated benchmarking content, ensuring solutions meet rigorous industry requirements.' Resources About Keysight Technologies At Keysight (NYSE: KEYS), we inspire and empower innovators to bring world-changing technologies to life. As an S&P 500 company, we're delivering market-leading design, emulation, and test solutions to help engineers develop and deploy faster, with less risk, throughout the entire product lifecycle. We're a global innovation partner enabling customers in communications, industrial automation, aerospace and defense, automotive, semiconductor, and general electronics markets to accelerate innovation to connect and secure the world. Learn more at Keysight Newsroom and
