UPDATE: City of Akron officials say their website has been restored to allow income tax payments by registered users although a statement on the home page warns that some features continue to be disabled.
The Beacon Journal is seeking an explanation of which features remain disabled.
It appears web addresses for some pages have changed, which may be causing some confusion. The income tax payment page appears to be available at http://ci.akron.oh.us/1040/. The city’s police incident reports and news release sections were not working at noon.
The city of Akron expects to restore full function to its website today, just in time for businesses to submit payroll taxes.
The move comes almost a month after hackers crippled the website and posted sensitive taxpayer information on another public website.
Deputy Mayor Richard A. Merolla said the city’s website is expected to be restored early this morning. He said that if the system fails, payroll managers should call the city’s income tax department to arrange for a later payment.
Payroll taxes normally are due on the 15th of each month, but the deadline for June is today because of the weekend.
On May 16, a Turkish group penetrated the city’s site, posted a political message and took data with names, addresses and Social Security numbers and put them on a public site. That site has been taken down.
The city offered free credit freezes for consumers whose data were exposed in the hacking.
No one has reported being a victim of identity theft from the city’s hacking.
Richard Schmahl, the city’s chief information officer, was appointed in December and he has said a “penetration test” to find hacking vulnerabilities on the site had not been conducted since then. The city declines to say when the test was performed before then because of security concerns.
The city’s previous chief information officer, Richard Leo, served from 2004 to 2006. After his resignation, those duties were spread among a variety of employees until Schmahl’s appointment more than six years later.
The city also laid off “three or four” information technology employees after the recession reduced city revenue, according to Merolla. He said none of the people laid off was key to supporting the site’s security.
Merolla said multiple hacking attempts come every day, and there were no substantial break-ins while the city did not have a chief information officer.
“We were catching everything,” he said. “Nothing got through. And all the different vendors that we use to provide security were doing their job and this one managed to get through and we weren’t completely hack proof, which I don’t know anybody is, but we learned.”
The city says it spends about $125,000 a year to outside companies for security advice.
Merolla said city officials learned from the hacking experience.
“I wouldn’t say you get complacent but when you are successful at thwarting all the attempts that come in, you tend to think you are doing a good job and to my knowledge we were, and no matter who you are, you are going to get hit. When you read about the defense department and contractors, Twitter, technology companies, that’s all they do is technology, and they get hit. And you think, how do you win this battle? You just gotta stay vigilant.”
Merolla said the city might have had a new website by now if the IT staff had not been diverted by the hacking.
He expects the updated website to be launched this summer with additional features. For example, he said residents would be able to sign up for a larger-than-usual trash pickup at any time on the new website.
Dave Scott can be reached at 330-996-3577 or davescott@thebeaconjournal.com. Follow Scott on Twitter at Davescottofakro.