article featured image


As reported by WJZ13 Baltimore, the incident occurred on May 24th, and WSSC removed the malware a few hours later. According to WSSC Water, the threat actors managed to access internal files but the water quality was not affected in any way.

WSSC Water Police and Homeland Security Director David McDonough announced that

WSSC Water continues to produce and deliver safe, clean water to 1.8 million customers in Montgomery and Prince George’s counties and at no time was the quality or reliability of our drinking water in jeopardy.


Additionally, McDonough stated that these attacks have become more common, especially in recent weeks, and WSSC Water has prepared for this type of event. The FBI, Maryland Attorney General, and state and local homeland security officials were notified and will cooperate with any investigation.

The Maryland water company said systems that operate its filtration and wastewater treatment plants are standalone networks and are not connected to the Internet. According to an official statement, WSSC Water also restored files from backups, and there was no significant impact on business operations.

The company underlined that its cybersecurity safeguards and swift action taken by the IT department helped minimize the impact of this attack. What’s more, WSSC Water does not intend to pay or support the threat actors responsible for this cyberattack.

Individuals whose information was exposed will be contacted by WSSC and offered five years of free credit monitoring with $1 million in identity theft insurance.

While the virus was not successful, it appears the ransomware criminals did gain access to internal files. As the investigation continues, WSSC Water will notify in writing any individuals whose personal identifying information was exposed. Those individuals will be offered five years of credit monitoring with $1,000,000 in identity theft insurance at no cost to them. All individuals are encouraged to remain vigilant and closely examine their financial statements and report anything suspicious to their bank or card issuer. Individuals can also access identitytheft.gov to report any suspicious activity and to learn how to freeze their credit.


Back in May, threat actors have deployed a ransomware attack on the City of Tulsa’s network, the incident leading to the city being forced to shut down all of its systems and disrupt all online services.

Several U.S. organizations, including computer group SolarWinds, fuel pipeline operator Colonial Pipeline, and JBS Foods, the world’s largest meatpacking organization, have recently been involved in ransomware attacks.

In the wake of these high-profile breaches and mounting damage caused by threat actors, the U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism.

Author Profile

Cezarina Dinu

Head of Marketing Communications & PR

linkedin icon

Cezarina is the Head of Marketing Communications and PR within Heimdal® and a cybersecurity enthusiast who loves bringing her background in content marketing, UX, and data analysis together into one job. She has a fondness for all things SEO and is always open to receiving suggestions, comments, or questions.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo