Officials say hackers were able to send emails to members of the public from City email accounts.
The City of Welland is investigating after residents reported receiving suspicious emails from City accounts.
On December 7th, the City's Information Services Department detected unauthorized email access, which uncovered a cyber breach.
A small percentage of emails were stored on the compromised server, and the outside parties were able to send emails from the accounts they accessed.
"As soon as we found out about this breach, we began working on a solution," said CAO Steve Zorbas. "The privacy and integrity of sensitive information is a number-one priority, and we are taking every action to mitigate the risk and enhance the security of our servers. In addition, we are taking the required steps to mitigate this possible privacy breach in accordance with the Municipal Freedom of Information and Protection of Privacy Act and reviewing our processes to ensure these types of breaches do not occur."
While further protections have been installed, and there hasn't been any malicious activity since December 14th, the City says outside consultants have been retained to determine the cause of the breach.
While it hasn't been confirmed, officials note that it appears that spreading malware was the primary reason for the attack.
Residents are advised to verify links before clicking on them, avoid sending private information over email or texts, and apply software updates and patches.