Lansing, MI, Public Utility Compromised by Attack, $25K Ransom paid.

September 28, 2022


The Board of Water and Light (BWL) in Lansing, Michigan, was struck by ransomware on Monday, April 25. 2016. The cyberattack shut down BWL's accounting and email systems after an employee unknowingly opened an email with an infected attachment. This would seem to be the first disclosed example of a utility being successfully compromised by ransomware.

The Lansing Board of Water & Light paid a $25,000 ransom to unlock its internal communications systems after they were disabled by a cyberattack last spring, officials said Tuesday. BWL General Manager Dick Peffley pegged the cost of responding to the emergency, including the ransom and technology upgrades to prevent future attacks, at $2.4 million. All but $500,000 of those costs are covered by insurance. Paying the ransom was “the only action we could take to unlock our system and free it from the ransomware.”

Incident Date

April 25, 2016

Estimated Cost

$25,000 ransom paid. Cost of responding to the attack: $2.4 million.

Type of Malware

No Malware identified

Threat Source

No threat source identified