July 11, 2020

Volume X, Number 193

July 10, 2020

Subscribe to Latest Legal News and Analysis

July 09, 2020

Subscribe to Latest Legal News and Analysis

Idaho County's Ransomware Payment Is a Good Reminder to Check Your Preparedness

A recent article reporting that Bingham County paid approximately $3,500 in ransom to recover information and spent nearly $100,000 to respond to the attack highlights the need to take steps now to protect yourself against ransomware and be prepared in the unfortunate situation you too are a victim.

County Pays Ransom

EastIdahoNews.com reported that Bingham County discovered the attack on February 15, 2017, and received a demand for $28,000 delivered in bitcoin for a password to decrypt the county servers. All but a few servers were backed up, enabling the county to recover its information without paying the ransom. After determining it would be more expensive to buy new servers to replace three infected servers, Bingham County paid the hackers 3 bitcoins, or about $3,500, for the decryption key. The county is still recovering after spending about $100,000 to respond to the attack and operations may not return to normal until 2018

Copyright Holland & Hart LLP 1995-2020.National Law Review, Volume VII, Number 68


About this Author

Claire C. Rosston, Holland Hart, Commercial Transaction Lawyer, Government policy Attorney,

Ms. Rosston provides strategic counsel to companies in a wide range of commercial transactions, from complex deals involving asset and equity sales and purchases, real estate, and secured financing to contract negotiation and drafting. She also assists clients with corporate governance, forming business entities, and government contract matters.

Ms. Rosston has experience with matters involving stock and membership interest transfers, indemnification, nondisclosure, commercial and residential leases, easements, natural resource extractions, land...

C. Matt Sorensen, Holland Hart, regulatory compliance attorney, data breach management lawyer

Mr. Sorensen is a Certified Information Systems Security Professional (CISSP) and Certified Information Privacy Professional in both the United States and Europe (CIPP/US and CIPP/E), focusing his practice on domestic and international data privacy and cybersecurity law. He advises companies across industries on breach prevention, cyber-attack preparedness, information governance,  regulatory compliance, and data breach management. In particular, he helps clients understand how to create and implement effective compliance programs and controls.

Clients benefit from Mr. Sorensen’s combined legal experience and strong technical background. Prior to joining Holland & Hart, Mr. Sorensen served as the IT Compliance Officer for the Corporation of the Presiding Bishop of the Church of Jesus Christ of Latter-Day Saints, where he helped oversee an information security program spanning 58 countries and more than 60 business lines. He has held various information risk management roles, advising businesses in the financial, technology, and legal industries.