A A

The P.E.I. government’s website was held for ransom Monday, but a spokesman for the province says no personal data was breached.

Scott Cudmore, director of enterprise architecture services, confirmed the website was the victim of a ransomware attack.

Cudmore said after the attack was noticed an investigation was done to determine if any data was taken.

“There has been no breach of any user data,” he said.

Visitors to the provincial government’s website Monday morning were met with a screen that said “Ooops, your website have been encrypted!”

The page warned that files on the website were encrypted and no longer accessible.

No one could decrypt the files without the attacker’s special decryption service, the page said.

“Maybe you are busy looking for a way to recover your files, but do not waste your time!”

A clock on the page counted down the time until all of the sites files would be deleted.

Ransomware attacks lock access to files unless the victim pays a ransom to have them decrypted.

In the government’s case, the attacker demanded payment by Bitcoin, which is a form of digital currency and is used by hackers because it allows them to remain anonymous.

Later in the morning visitors to the website were met with a blank page before the government posted a notice alerting visitors there was a problem with the site.

The website was back up by 4:30 p.m.

Cudmore said the problem was discovered Monday morning.

“Like most exploits the software that we were using had a particular vulnerability that was exploited by this hacker in order to modify the site,” he said.

The safety of data on the site was the primary concern when the breach was noticed and the government shut down the site, Cudmore said.

Although the attacker demanded money to get the website decrypted, Cudmore said the province didn’t pay the ransom.

“No, it did not,” he said.

Cudmore said the government was able to restore the website from a backup.

“We’re also ensuring that this particular exploit doesn’t happen again by basically applying a patch to that underlying software.”

Ryan.ross@theguardian.pe.ca

Twitter.com/ryanrross