Skip to content
Join our Newsletter
Join our Newsletter

Whistler residents asked to be vigilant after ransomware attack

RMOW services still down; Tuesday's council meetings cancelled
muni hall
In-person services at Whistler's municipal hall have been temporarily suspended (along with other RMOW services) following a ransomware attack earlier this week.

The Resort Municipality of Whistler (RMOW) is asking the public to be vigilant about communications appearing to come from the RMOW following a ransomware attack earlier this week, and reminding people that the municipality does not ask for private information by phone or email.

A forensic investigation is underway to determine whether information was accessed by the hackers.

Should the investigation determine that personal information was accessed, the RMOW said it will inform affected individuals immediately. Meanwhile, the municipality is further strengthening its security safeguards to ensure that all information in its custody remains secure, according to an update posted to

“I appreciate that this is having a large impact on our community already challenged by COVID-19, as well as Whistler property owners and those who have accessed RMOW services in the past,” said chief administrative officer Virginia Cullen. “Although we have robust protections in place to prevent this type of illegal event, these cyber criminals breached our server. As soon as we were aware of this, we took measures to prevent further access, and are now in the process of working with cybersecurity experts before we put the system back online.”

Infrastructure such as water and sewage, and emergency systems such as 911 and the Whistler Fire Department have been secured and continue to operate as normal, though RMOW email, phone and network services are still offline. In-person service at municipal hall has also been temporarily suspended.

All council meetings scheduled for Tuesday, May 4 have been cancelled.

An Incident Command Team has been activated to focus on business continuity and restoration of services, and the public can call 604-932-5535 from 8 a.m. to 4:30 p.m. Monday to Friday with any questions.

After gaining access to the municipal server earlier this week, the "cyber criminals" left an ominous message.

“this is very fun … guys, if we do not talk now, you’ll have big troubles in future,” read the message.

“I have a lot of patches on your systems to gain access and you can’t restore your network from backups again. So talk in chat and i’ll stop this now. I’m waiting.”

The message included a link to download the Tor browser, which enables anonymous communication online, along with another link followed by more ominous words: “no way to run.”

Find updates at, and check back with Pique for more as this story develops.