The City of Tulsa is now taking a closer look at a "cyber-attack" that turned out to be a false alarm.
At one point, the city feared the personal information of thousands of people had been compromised.
The problem shut down the city's website for a couple of weeks. The police department's site still isn't back online, and it's all because a routine scan was mistaken for a security breach.
Tulsa City Council members say they want answers.
"I don't understand how this happened," said Councilor Jeannie Cue.
The city's IT department thought its system had been hacked.
City Manager Jim Twombly said early last month there was an unusual amount of activity between the city and police websites and an unknown IP address that appeared to be a spammer.
"The initial reaction was that this was an attack," Twombly said.
As many as 90,000 people who had applied for a job or reported a crime online were sent letters warning that their personal information may have been accessed.
The city said it was following state notification laws.
The mass mailing cost the city $20,000.
"Unfortunately, it happened this way, and a lot of letters were sent out when we simply could have found the vulnerability and addressed it there," said Interim Director of IT, Captain Jonathan Brooks.
Brooks said what they thought was a security breach was actually a routine scan performed by a company hired by the city to test its network for vulnerabilities.
"They have random and scheduled scans, but this one was not a scheduled one," Brooks said.
About five employees within the IT department received an email saying the city's system was secure, but Brooks said that because the scan was in a new, unfamiliar format, it threw off the IT team.
Even so, councilors echo the same resounding question: How could such a mistake happen?
"It would seem logical to me that the very first person you would call would be this company that we've hired to check our system," said Councilor Byron Skip Steele.
Brooks said an internal investigation is underway to determine where the communication broke down.
In the meantime, the entire website has been rebuilt to ensure no security breach, real or fake, ever happens again.
The city has hired a private IT firm to help with future safety issues.
That will cost up to $25,000.
The Chief Information Officer, who was overseeing the department at the time of the false alarm, is on administrative leave with pay.