City offices, including the library and municipal court, have been closed since unusual network activity was detected on Friday, October 17. According to the city, staff immediately took the municipal network offline and engaged federal and state authorities—specifically the Federal Bureau of Investigation and the Tennessee Bureau of Investigation—alongside a third‑party cybersecurity firm to investigate and contain the breach.

With forensic work and system recovery still underway, La Vergne is cautiously restoring select services. The city said a “soft opening” will begin Monday, Oct. 27, and warned that operations will be limited. Staff will not be able to look up account information, answer balance inquiries, or handle requests that require access to internal records. Departments open to the public may accept payments by check or money order while digital systems remain restricted.

Two key facilities—the public library and city court—will remain closed on Monday. The exterior book drop will stay available for returns during the library’s closure, the city noted.

Officials emphasized that the city’s IT team, working with investigators, is methodically validating each computer and application before bringing them back online. “Data will not be able to be accessed until investigations into the system breach are complete,” the city said, adding that employees are continuing to provide in‑person services where possible during the recovery period.

What residents can expect Monday

• Limited in‑person services during a phased “soft opening.”
• No account lookups, balance inquiries, or services requiring access to city records.
• Some departments may accept payments by check or money order only.
• The library and city court will remain closed; the book drop is open.

How the response is unfolding

The investigation began after staff detected “unusual activity” on the city’s network on Oct. 17 and took systems offline to prevent further risk. That initial containment step is standard practice in suspected cyber incidents, especially in local governments where interconnected systems can expand the blast radius if not quickly isolated.

The city’s coordinated response—bringing in the FBI, TBI, and a specialized cybersecurity firm—reflects current best practices for municipal breaches. Federal and state investigators typically focus on identifying the intrusion vector, determining whether any data was accessed or exfiltrated, and preserving evidence for potential criminal cases. Third‑party responders handle forensic analysis, eradication, and safe restoration of services.

As part of that process, cities often bring systems back online in stages. Each endpoint and application is scanned, patched if necessary, and verified before reconnecting to the network. That can mean temporary limitations on billing, records access, and other digital services until the environment is fully cleared and stabilized.

The road back to normal

La Vergne did not disclose the nature of the suspected attack or whether any personal data was compromised, citing the ongoing investigation. The city’s public statements suggest a deliberate, security‑first recovery approach: keeping data and core systems offline while verification continues, offering partial in‑person services, and accepting low‑risk payment methods such as checks and money orders in the interim.

Residents should plan for intermittent disruptions as the city completes its forensic review and gradually restores access to records and online portals. Officials said they will continue providing essential services to the community throughout the recovery and will share updates as more systems are brought safely back online.