Southold Laserfiche access remains suspended after cyberattack

Access to Southold’s online record-keeping system Laserfiche remains suspended with no timeline for restoration, more than six weeks after a cyberattack forced the town offline.

Southold is currently completing $500,000 security upgrades, funded through a Town Board-approved bond, before restoring public access to the system after hackers breached servers on Nov. 24.

Supervisor Al Krupski and the town’s Information Technology department said they could not provide an estimated timeline for restored public access to Laserfiche when reached by The Suffolk Times on Monday, Jan. 12.

“Once we get done [with the upgrades] Laserfiche will be open to the public,” Mr. Krupski said. “We want to make sure it’s secure before we open it up.”

The record-keeping system is being used internally by town employees, Mr. Krupski added. 

The town’s taxes and permit portal remain available. Anyone looking to access information that would normally be available through Laserfiche can contact the Town Clerk’s Office at 631-765-1800 or at [email protected].

Town Clerk Denis Noncarrow told The Suffolk Times there have been “slightly more” people asking for access to web records during the disruption, though “not a huge amount.”

“People are looking forward to it coming back, but people have been very understanding of what went on,” Mr. Noncarrow said. “The IT department is making sure everything is totally secure before they open the stuff up.”

While IT works on the upgrades, the FBI Cyber Crimes Task Force stationed in New York continues its investigation into the cyberattack as lead investigator.

Mr. Krupski did not have any updates on the investigation. An FBI spokesperson did not comment.

The cyberattack a day before Thanksgiving forced Southold police to write reports by hand before nearly all of the town’s computer systems were restored by Dec. 9. The FBI, Department of Homeland Security and county officials responded in the wake of the attack.

Town officials discovered a ransom note the morning of the attack but did not open it, Mr. Krupski previously told The Suffolk Times.

Suffolk County experienced a similar breach three years ago. In September 2022, a ransomware attack hit county systems and stole a “significant amount” of data — budgets, credentials, passwords — according to the county legislature’s special cyber intrusion investigation committee report released in September 2024. 

The hackers posted personal information of residents, employees and retirees on the dark web, including Social Security and driver’s license numbers. State contracts and Suffolk County Court records were also revealed on the dark web after the breach.

The costs of response and remediation tied to the attack were around $25 million, according to the 2024 report.

The special committee found that insufficient coordination between the county’s IT teams and the absence of a cyber-attack response and recovery plan “significantly hindered the county’s ability to respond.”