4 Suffolk County IT employees subpoenaed for questioning about cyberattack

During Monday’s meeting, committee members did not say what specific information they are seeking from these employees.

Rachel Yonkunas

May 8, 2023, 9:38 PM

Updated 598 days ago

Share:

A special legislative committee created to investigate Suffolk County’s massive cyberattack will use its subpoena powers for the first time to compel witness testimony from county employees.
Four employees of the county’s IT department will be subpoenaed for questioning by the Cyber Intrusion Investigation Committee. The employees have not been identified.
According to the committee’s special counsel and former U.S. Attorney for the Eastern District of New York, Richard Donoghue, the four county IT employees are being subpoenaed because they declined to voluntarily speak with the committee.
“As a result, I have requested that the special committee issue subpoenas in accordance with its power to compel the interviews of these witnesses so the investigation can move forward,” said Donoghue.
During Monday’s meeting, committee members did not say what specific information they are seeking from these employees.
Daniel Levler, president of the Suffolk Association of Municipal Employees (AME), said they are not aware as of yet of any union members being subpoenaed in regards to the committee’s investigation. However, if and when any of their members do receive a subpoena to testify, Levler said they will be provided with legal representation to ensure their rights are fully protected.
The committee has been investigating what led up to the September hack that shut down services for months and cost the county millions of dollars. The committee has so far received 20,000 documents and interviewed nine witnesses.
The committee also reported that the county did not have cyber insurance or a cyber breach remediation and recovery plan at the time of the cyberattack. Donoghue said that likely contributed to the long recovery period. He also said it is apparent that the county did not implement recommendations from a “cyber-checkup.”
County Executive Steve Bellone has taken accountability for not executing the recommendations in a 2019 cybersecurity assessment, adding that the county will not make the same mistake twice. The county has since hired a chief information security officer and increased funding for cybersecurity.
The County Executive’s Office remains supportive of the committee’s efforts to investigate the cyberattack, a spokesperson said.
An estimated 500,000 people have been affected by the data breach. The county’s cybersecurity firm, Palo Alto Networks, said hackers bypassed their firewall by leveraging a weakness in the County Clerk’s network. According to their forensic report, cybercriminals encrypted 71 county systems with ransomware.