APEX, N.C. (WPTF) – Some 22,000 individuals may have their data compromised in the fallout from a ransomware incident involving the town of Apex.
The town says an investigation led by cybersecurity professionals recently returned the results of an investigation. They also say there is no evidence of this information being found on the dark web, and no indication that it will be posted there.
The town successfully pursued legal action to ensure the return of this data that had been unlawfully taken during the ransomware attack and stored with a U.S.-based cloud service provider.
Following the incident in July 2024, the Town worked with federal authorities and legal counsel at Octillo Law to identify where its data had been uploaded. The FBI and the cloud storage provider Bublup, Inc., confirmed that the attacker stored Town data within Bublup, Inc.’s cloud. Bublup, Inc. was not responsible for the attack, but the company declined to release the data back to the Town without a court order. The Town of Apex petitioned the Wake County Superior Court for immediate relief to protect public services and the community’s information.
On October 10, 2024, the Court granted a Temporary Restraining Order (TRO) requiring Bublup, Inc. to provide the Town full and direct access to its data. The order, extended on October 21, ensured that Apex could review and recover essential information.
This action set what town leaders say could be an important legal precedent: a local government successfully compelled a U.S.-based cloud provider to return data stolen in a cyberattack. By pursuing this remedy, the Town of Apex demonstrated that municipalities have the right to recover their own data when it is unlawfully taken and the lack of access is harmful to Town interests.
Since the recovery, the Town of Apex has worked continuously through the complex analysis of the data in order to identify and notify the affected individuals whose personal information may have been involved. This included working with a trusted third-party data analytics team as the Town conducted an in-depth review of the impacted data.
“As challenging as this case was, one factor worked in the Town’s favor: the data was being held by a U.S.-based cloud provider,” said Dan Greene of Octillo Law in a press release. “Because the provider was subject to U.S. law and the jurisdiction of our courts, we were able to obtain a restraining order that compelled the return of Apex’s data. If this information had been stored on overseas systems, recovery of this variety could not happen.”
“Victims of this kind of ransomware attack are rarely able to pursue legal action, but in this case, we saw a chance, and Apex’s leaders were adamant that we take it. This underscores the importance of having enforceable legal tools to protect communities when their data is at risk.”
“When public data is targeted by criminal actors, we must have clear pathways to recover it quickly,” said Apex Town Manager Randy Vosburg. “We saw the opportunity, and we hope that taking decisive legal action in this case will allow other local governments to also take a stand for the privacy rights of their residents.”