Mecklenburg County, North Carolina, has 48 of its 500 servers taken over by ransomware.
County Manager Dena Diorio said earlier Wednesday: "Through a third-party cybersecurity firm we have been in contact with the hackers and we understand their demands. No decision has been made to pay or not to pay."
Based on the attributes, hackers linked to either Iran or Ukraine seem to be behind the ransomware attack, Diorio said, and they are apparently using a new strain of ransomware.
The county attributed the breach to an employee clicking on a malicious link.
The human factor strikes again.
Late Wednesday, the county announced it would not pay despite the fact many services have been impacted by the ransomware attack. Instead, the county says it has backups and will spend several days restoring services and files from those backups.
The hackers had demanded a Bitcoin ransom that was the equivalent of $23,000, as you can see in the tweet above.