Last week we were made aware of a system vulnerability that exposed one of our IT systems to a potential cyberattack. We immediately took precautions by consulting with our internal cybersecurity team and our external cybersecurity regional partners and confirmed the early stages of a security breach.

This particular attack appeared to have originated from outside the country and involved exploiting a vulnerability with one of our vendors that created a “back door” that would allow future access to our network. We caught it in time, and it doesn’t appear that any of our data was compromised – this time.

I share this not to scare you, but to emphasize that this threat is very real. We have over 1,000 employees with a city email address, generating upwards of 200 fraudulent incoming emails every day. Just one wrong click and Carlsbad could be the next national news story about a city paralyzed by a ransomware attack.

As a reminder, here are the top 5 things you can do to help keep our systems secure:

• Complete your cybersecurity training.

• Be suspicious of email. Bad grammar, email addresses that don’t match the name, requests to verify information – these are all signs of a potential attack.

• Report all suspicious email by using the “Report Email” icon on your Outlook toolbar. Err on the side of over-reporting!

• NEVER share your password with ANYONE. Keep city laptops, flash drives and phones secure.

Thank you for continuing to keep Carlsbad safe.