TULSA - A hacking scare led to the city's website being shut down last month. The concern also prompted the city to send letters out to citizens saying their information may have been compromised at a cost of $20,000.
Turns out, it wasn't hacked at all. The city says a security company it hired, called SecurityMetrics, ran a security test, and the city mistook it for an attack.
Last week the city told us this, "People in our IT department did run down the IP address where this was coming from and what showed up was an IP address that they attributed to a known spammer."
But SecurityMetrics tells us that's a mistake. They say they never try to appear as spam, and if the city's IT looked into the IP address, it would have clearly shown it belonged to SecurityMetrics.
They also tell 2NEWS they sent an email to the city right after the scan was done. Plus, the company sent us a statement saying "each client has 24/7 online access to their SecurityMetrics account which includes times of past and future scans."
"It's really an embarrassing situation for the city government and you rely on experts in an area like this. I am not an it expert, the mayor is not an it expert we have to rely on people who are," said Tulsa City Councilor G.T. Bynum.
The city of Tulsa told us the issue is a personnel matter, but did send a statement saying, "The Information Technology Department is actively finding areas of improvement in processes and taking additional security measures on the website. Mayor Bartlett has expedited a comprehensive review of the Information Technology Department."
The city placed chief information officer Tom Golliver on leave with pay shortly after the website shutdown ended.
City councilors will discuss this very issue at a meeting on Thursday. 2NEWS Investigators will be there, and we will bring you the latest information.