City of Lafayette, CO Opts to Pay Ransom of $45,000

September 30, 2022


Lafayette, Colorado fell victim to ransomware on July 27, which encrypted the city's computer networks and caused disruptions to phone services, email and online-payment and reservation systems. It's thought that the unidentified ransomware entered the city's network via a phishing or brute force attack. Lafayette opted to pay the cyber criminals perceiving it to be the quickest and most cost effective way to restore municipal services to residents.

Other cities across the US have paid hundreds of thousands of dollars to criminals in exchange for returning the network.

Incident Date

July 27, 2020

Estimated Cost

$45,000 Ransom paid

Type of Malware

Threat Source

No threat source identified