North Carolina Cyber Attacks

Infrastructure Affected

Public Safety
North Carolina.jpg

Public Safety

Greenville Police Department & City of Greenville, Pitt County

Breach Type - Unknown, Ransomware


  • A virus caused the city to shut down several systems in an attempt to prevent it spreading
  • It was first noticed by a member of the Greenville Police Department
  • Many servers have been shut down for a while of the foreseeable future
Read More
Bleeping Computer

  • The virus was discovered to be a ransomware called RobinHood
  • There are several snapshots of how the ransomware looks and what the messages were
  • Ransomware states that it values the victim’s privacy and will “not” disclose private information of those who have paid
Read More

Orange County Sheriff’s Office & Orange County Government, Orange County

Breach Type - Unknown, Ransomware

Herald Sun

  • Orange County network attacked by ransomware virus, caused numerous issues at several agencies, including Sheriff's Office
  • Officials were uncertain when services would be restored, but were slowly understanding the attack
  • Officials believe that none of the personal data stored on the system was compromised or stolen
Read More

Pasquotank-Camden Emergency Medical Services, Pasquotank County

Breach Type - Hacking, Data Breach

Beckers Hospital Review

  • Pasquotank-Camden Emergency Medical Services hacked, possibly affected over 20,000 individuals
  • Local police and federal law enforcement discovered foreign entity hacked system
  • Leaked information includes SS numbers, DOB information, and medical information
Read More

Town of Clayton Fire Department; Johnston County

Breach Type - Phishing, Other

ABC 11

  • Hackers are using police, fire chief’s emails to try and steal information
  • Official email address of Clayton’s Fire Chief Lee Barbee compromised in cyber attack
  • Fraudulent emails containing malicious attachments sent to Barbee’s contacts
Read More

Burlington Police Department; Alamance County, Guilford County

Breach Type - Phishing, Other

WF My News 2

  • City of Burlington sent out an alert detailing attempted cyber attack on the City
  • Hackers compromised Police Captain, Mark Rascoe’s email
  • City of Burlington warned, those at risk, against opening malicious emails from that address
Read More

Davidson County

Breach Type - Ransomware

The Dispatch

  • SamSam ransomware shuts down county business
  • 911 director notified county that there was suspicious activity within its server
  • Shut down 70 servers & all phones
  • Hackers ask for $23,000 ransom
  • County has proper backups in place
Read More

Mecklenburg County & later Mecklenburg Sheriff’s Office

Breach Type - Ransomware

Fox 46

  • Hackers freeze servers, county officials could not access information
  • Malware discovered on 30 servers
  • Demand ransom of $23,000
  • Employee clicked infected email link
Read More
Washington Post

  • Problems do not affect emergency calls
  • Calls handled by the city of Charlotte
  • Checking in arrestees by hand
  • Website having issues updating info on jail inmates
Read More
Charlotte Observer

  • After refusing to pay ransom, Mecklenburg discovers 2nd hacking strike
  • IT staff discovered more attempts to compromise info
  • LockCrypt (from Iran or Ukraine) new strain of ransomware
  • Limiting use of email/email attachments
  • Conducting business via phone or in perso
Read More
Daily Mail

  • Hackers failed 2nd hacking attempt
Read More


Local Government

Town of Maxton, Robeson & Scotland Counties

Breach Type - Unknown, Malware

Laurin Burg Exchange

  • Maxton Board of Commissioners discovered theft of $30,000 from its bank account
  • Theft was result of cyber attack involving malware from exterior bad actor
  • Investigation being conducted by police department, insurance was able to cover half of funds missing
Read More

  • Maxton city officials briefed on details from malware attack that stole $30,000
  • Three additional banks in other towns were also victims of the same attack
  • Bank officials cooperating with investigation, remorseful of the situation
Read More

Onslow County Water and Sewer Authority, Onslow County

Breach Type - Ransomware


  • Water and Sewer Authority experienced persistent virus attacks from Emotet malware
  • The malware launched sophisticated ransomware variant, known as Ryuk, which quickly encrypted databases and files
  • The authority is coordinating with the FBI, DHS, state of North Carolina, and several technology security companies in response to attack
Read More

Town of Kill Devil Hills, Dare County

Breach Type - Other

The Outer Banks Voice

  • Undisclosed failure caused problems at Town of Kill Devil Hills
  • Computers & telephones affected
  • Technical support staff diligently worked to correct situation
  • Emergency calls not affected during outage
Read More

Pasquotank County

Breach Type - Ransomware

Daily Advance

  • Five Pasquotank County servers encrypted by ransomware
  • Ransomware variant identified as "Amnesia/Scarab" virus
  • Hackers demanded $2,500 ransom
  • County does not intend to pay for decryption keys
Read More

Catawba County

Breach Type - Hack


  • Letters notifying more than 9,000 employees
  • Officials discovered employee personal information may have been compromised
  • County's health insurance information in human resources may have been affected
  • Hack affected human resources & payroll system
Read More

NC State Elections Website

Breach Type - Hack

The News & Observer

  • Part of Islamic Union test hacks of government websites
  • Team System Dz claims responsibility
  • NC one of 76 websites impacted in this string of ISIS Propaganda
Read More

NC Counties Russian Election Hacking

Breach Type - Hack


  • Hackers attempted to compromise electronic records in 21 north carolina counties
  • Ashe, Cabarrus, Cleveland, Craven, Cumberland, Durham, Edgecombe, Franklin, Gaston, Gates, Granville, Halifax, Hyde, Johnson, Mecklenburg, Nash, Rowan, Sampson, Vance, Warren, Wilson
  • Software produced by VR systems was target of hackers
  • Software does not play any role in ballot marking or vote tabulation
Read More

City of Durham

Breach Type - Ransomware


  • Hacked at least three times
  • Hackers could not access sensitive data
  • Reset computers and used data from backups
Read More

Raleigh, Wake County

Breach Type - Hack

The Hill

  • “Anonymous” Hackers attempt to take down North Carolina gov websites
  • Websites were inaccessible
  • Political protest in opposition to bathroom sex assignment laws
Read More

Durham, Wake County

Breach Type - Ransomware


  • Computers corrupted one by one
  • City of Durham did not pay ransom
  • Data kept on backup servers
Read More



Catawba Valley Medical Center, Catawba County

Breach Type - Phishing, Data Breach


  • Cyber Attack impacted 20,00 patients and sensitive information
  • Employee opened a phishing email attached to a larger scam
  • Three separate employee accounts were compromised
Read More

Atrium Health

Breach Type - Hacking, Data Breach

Herald Courier

  • Hack on Atrium’s billing vendor could compromise information of over 2.5M patients
  • Information was accessed not downloaded
  • Medical records were not compromised
Read More

Catawba Valley Medical Center, Catawba County

Breach Type - Phishing, Data Breach

Data Breaches

  • Hackers accessed three Catawba Valley Medical Center employees’ email accounts
  • CVMC launched investigation
  • Private patient data potentially exposed to hackers
Read More

Wake Forest Baptist Health - Wilkes Medical Center, Wilkes County

Breach Type - Malware

Spam Fighter

  • Computer work stations at Wake Forest Baptist Health compromised by virus
  • Employees following downtime procedures for the disruption
  • Patient data not stored locally – private data not compromised
Read More

Diagnostic Radiology & Imaging, LLC.

Breach Type - Phishing

Data Breaches

  • Phishing attack leaves private patient data exposed to hackers
  • 800 patients potentially compromised
  • No financial information was accessed
Read More

Coastal Cape Fear Eye Associates

Breach Type - Ransomware

Data Breaches

  • Hacking incident compromised data of 925 patients
  • Private patient data was not exfiltrated from the system
  • Data was accessed by hackers
  • Coastal notified patients and is offering guidance moving forward
Read More

Allscripts' E.H.R. Services

Breach Type - Ransomware

Becker's Hospital Review

  • Ransomware attack impacts limited number of Allscripts' applications
  • The affected applications hosted in data centers located in Raleigh and Charlotte, N.C.
  • Multiple systems unavailable including electronic prescribing of controlled substances, regulatory reporting, clinical decision support, & more
  • Those concerned are encouraged to reach out to Allscripts Support
Read More

First Health

Breach Type - Ransomware

The Pilot

  • Malware disrupted several First Health facilities in North & South Carolina
  • Virus started on non-clinical device and infected clinical devices via the same network
  • 4,000 devices to check and more than 100 physical locations potentially infected
  • Deployed an anti-virus patch to be used on all systems
  • No evidence of data breach has surfaced
Read More
Healthcare IT News

  • Ransomware variant identified as WannaCry
  • Devices remain offline out of abundance of caution
  • Delays and patient appointment cancellations experienced, excluding those in need of critical care
Read More



Rockingham County Schools, Rockingham Co.

Breach Type - Phishing, Virus

Rockingham Now

  • Employees fell victim to phishing scheme
  • Downloaded malicious Word document attachments
  • Virus shut down computer network and internet structure
Read More

Davidson County Schools

Breach Type - Phishing


  • Davidson County Schools fall victim to spear-phishing scheme
  • W-2 information for 3,200 employees sent to scammer
  • Potentially affected individuals advised to implement two factor authentication on their accounts
Read More