Two years after a cybercrime cost the city of Tallahassee over $2 million, City Hall confirmed it was again the victim of an online attack early on April 17.

In an email obtained by the Tallahassee Democrat, Assistant City Manager Christian Doolin informed city commissioners of the incident and said staff “quickly responded and took action to isolate the threat.”

“We want to make you aware that earlier this morning, our systems alerted staff to an attack affecting portions of our city’s technology environment,” the email states.

“There are no operational impacts to the system at this time,” Doolin wrote. “Staff is validating containment, assessing registries and scheduled tasks, and analyzing access across environments.”

He said there could be “periodic downtimes” as maintenance is underway.

‘A confirmed cyber event,’ official says

An email sent by Leon County chief information officer Michelle Taylor at 1:35 p.m. added more gravity to the situation.

“COT is experiencing a confirmed cyber event on their IT network. They have disconnected from the internet while they investigate further. Additionally, we have temporarily paused our city/county network link to prevent any creep into the Leon County network,” she wrote.

“Expect outages especially related to CAD, GIS, or other city county applications. Be careful about opening any email attachments from talgov.com.”

This afternoon, the city’s website produced error messages when trying to load the page: “An error occurred while processing your request.”

A customer service representative with the city confirmed the website was down, projecting services would be back up in an hour.

“We don’t have an ETA for repairs. Technicians are working, and we’re telling customers to call us back in about an hour for updates,” the representative said.

City of Tallahassee shut down website as defensive maneuver

The city’s technology director, Tim Davis, said they shut the website down as a “proactive way” to sever ties coming in “so that we could confirm containment and go from there.”

When asked if the city knew where the attack came from, Davis said they’re still assessing these things but there was no data compromised.

The city’s technology team received an alert that someone was trying to intrude, and after determining it was a legitimate threat, they initiated protocols to contain the attack.

“Our focus initially was to make sure that we had it contained and that we were able to eradicate it out of our system and confirm no more movement,” he said.

‘Network of deceit’: Last incident was in March 2024

The last cyber event at the city came with a cost.

In March 2024, more than $2 million was stolen from city funds in a “cybercrime” carried out by someone posing to be a city vendor.

Tallahassee police arrested Richard Golding, of Buffalo Grove, Illinois, this January and said Tallahassee was one of multiple victims of the scheme.

TPD said its investigation “uncovered a network of coordinated deceit that digitally crossed state and international lines,” as Golding allegedly transferred more than $2 million to Mexican bank for an unidentified criminal network.

Police and prosecutors celebrated the arrest and recovery of $1.4 million of the stolen money, though they acknowledged roughly $900,000 was still gone.

Elena Barrera can be reached at ebarrera@tallahassee.com. Follow her on X: @elenabarreraaa.

This article originally appeared on Tallahassee Democrat: City of Tallahassee cyberattack: No data compromised