Fulton to spend $10M for upgrades after cyber attack

The firm was selected to upgrade Fulton’s enterprise resource planning software, known as ERP, through a request for information process that started in 2022.

Fulton has been using its current internal software for 25 years, officials said, adding that it is seven versions behind modern technology.

In addition to approval of funds to CGI, the commission approved a $1.2 million payment to ISG Public Sector to provide independent verification and validation services during the CGI software upgrade.

Fulton plans to complete the tech upgrade before mid-summer 2025.

“I think many of you now know the importance and how mission critical an ERP platform is to operating an organization,” Fulton Information Technology CIO Kevin Kerrigan said. “This is how we pay our vendors, how we pay employees, our retirees; how we interact every day with our community. This is really the backbone to how we conduct business.”

The hacking group LockBit claimed responsibility for the ransomware attack. County officials on Tuesday said they did not pay the hackers and that no ransom was paid on the county’s behalf.

During Wednesday’s meeting, Anderson provided a brief update, saying recovered and restored data from the breach has been “largely” uploaded to the county’s software systems. Vendors are being paid with some delays, he added.

The county expects to be able to make pension payments as usual on March 1.

Email systems are working and about half of the county’s phone numbers are restored and operating normally, Anderson said.

More information can be found at fultoncountyga.gov/cyberresponse.