California Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
California.jpg
 

Public Safety

City of Banning & Banning Police Department, Riverside County

Breach Type - Unknown, Ransomware

Record Gazette

  • City officials advised they were attacked by Ryuk ransomware virus
  • Officials further stated that all files on all computers have been inaccessible
  • No ransom demands were discovered, Police Department systems restored first
Read More

 
Port of San Diego & San Diego Harbor Police Department, San Diego County

Breach Type - Ransomware

The San Diego Union-Tribune

  • Port of San Diego targeted by highly sophisticated ransomware attack
  • Attack additionally impacted the San Diego Harbor Police Department
  • The police department is forced to use alternative technology systems as a result
  • Port has placed public safety systems on high priority for restoration
Read More

 
San Benito Government & Public Safety Systems, San Benito County

Breach Type - Malware

BenitoLink

  • County systems down for more than a week due to malware attack
  • Critical & Public safety services interrupted
  • “Pen & paper” techniques implemented to continue functionality
  • Remains unknown how virus infiltrated network
  • San Benito Co. Sheriff’s Office restoration made priority
Read More

 
Calaveras Co. & Sheriff's Office

Breach Type - Hack

Times Union

  • Hacked to display pro-islamic state
  • ISIS Propaganda
  • Team System Dz takes credit
Read More

 
BACK TO TOP

Local Government

Contra Costa County Elections Office, Contra Costa Co.

Breach Type - Phishing, Ransomware

Mercury News

  • Contra Costa County elections office hit by cyber phishing attack
  • Phishing e-mail used in attack led to point of origin being in Russia
  • Malware involved was likely ransomware, no data was compromised
Read More

 
Imperial County Website System, Imperial County

Breach Type - Unknown, Ransomware

LA Times

  • Imperial County website hacked from exterior source
  • Network was attacked by Ryuk ransomware
  • Ransomware demanded payment in bitcoin, county refused payment
Read More

 
Orange County Sanitation District, Orange County

Breach Type - Phishing, Data Breach

OCRegister

  • Over 1,000 employees were notified as their information was assessed following a phishing scheme
  • The district was notified after files noting a compensation fund were accessed within NFP Corp.
  • Employees were told to enroll in a fraud watch over their credit following this attack
Read More

 
California Department of Consumer Affairs

Breach Type - Malware

Sacramento Bee

  • California Department of Consumer Affairs suffered malware attack
  • 50 workstations affected, and computer networks disrupted
  • Despite entire network being shut down, consumers were still able to visit its website
Read More

 
City of Bakersfield, Kern County

Breach Type - Other, Data Breach

Bakersfield

  • Cyber security incident compromised personal & financial information of those who used Click2Gov online payment
  • City investigated & discovered an unauthorized party inserted a code into the Click2Gov system
  • The code found was designed to capture payment card data
  • A total of 2,400 user accounts may have been affected
Read More

 
City of Thousand Oaks, Ventura County

Breach Type - Other, Data Breach

Thousand Oaks Acorn

  • City of Thousand Oaks’ online bill-pay service has been compromised for the second time in the past year
  • Damage is extremely limited
  • Customer contacted City Hall about a credit card fraudulently used elsewhere
  • Suspicious file found on the server by City’s vendor
  • Immediately, server taken offline
Read More

 
City of Indio, Riverside County

Breach Type - Other, Data Breach

StateScoop

  • City of Indio residents fall victim to data breach
  • Vulnerability in Click2Gov software exposes payment cards used online
  • The payment cards and some private information was exposed
  • No illicit activity has impacted residents yet
Read More

 
Congressional District Democratic Candidate’s Campaign Website

Breach Type - Other/TDoS/DDoS

Rolling Stone

  • California Democrat Bryan Caforio fell victim to DDoS attacks, known as Hulk attacks, which shut down his campaign website for 21 hours during the primary election season
  • Voters were unable to access campaign website, learn information on the candidate, and unable to donate to his campaign as a result
  • Cyber experts believe the attacks were launched using AWS server space
  • Department of Homeland security was notified by the campaign and willing to launch investigation into the repeated incidents
Read More

 
City of Morgan Hill, Santa Clara County

Breach Type - Other/Data Breach

Morgan Hill Times

  • Hundreds of Morgan Hill employees’ financial information exposed
  • W-2 Summary report accessed by hackers
  • 480 former & current city employees affected in hack
Read More

 
City of Oxnard, Ventura County

Breach Type - Other/Data Breach

KEYT 3

  • Data breach compromised personal information of Oxnard's online utility payers
  • Vulnerability in city's software allowed hackers to gain confidential information
  • City of Oxnard shut down system to implement additional security measures
Read More

 
City of Pasadena

Breach Type - Phishing

Pasadena Now

  • City employee email accounts compromised through phishing scheme
  • Hackers use access to accounts to send out fraudulent emails to city contacts
  • City immediately disabled accounts & changed passwords of all city employees
  • Advising residents/associates to take caution when opening emails from city
Read More

 
City of Thousand Oaks, Ventura County

Breach Type - Other/Data Breach

California Office of Attorney General

  • Unauthorized actor potentially gained access to City vendor
  • Click2Gov online payment system contained credit card transactions
  • Those potentially affected, advised to review payment card account statements closely
Read More

 
California State Election System

Breach Type - Hacking

NBC News

  • Claims websites were affected & scanned
  • Claims hacks were not directly related to voting
  • Want to take preventative measures for next election
Read More

 
Sausalito City Government

Breach Type - Phishing

KQED News

  • Current and former Sausalito government employees had W2 info exposed
  • 147 employees affected
  • City notified IRS, FBI, & California Franchise Tax Board
  • Sausalito Police Department investigating the breach
Read More

 
City of Alameda Website

Breach Type - Cryptojack/Other

WCCF Tech

  • Over 4,200 victims hijacked to mine Monero cryptocurrency
  • Secretly hijacked using compromised plug-in called "Browsealoud"
  • Though sites were affected for hours, no user data was affected/compromised
Read More

 
California Voter Registry

Breach Type - Ransomware

SC Magazine

  • Unprotected MongoDB server
  • Database has been deleted by cyber criminals
  • Ransom note demanding 0.2 bitcoin ($2,325.01 at time of discovery)
  • 19.2 million voter records stored in server
Read More

 
Stanislaus Co.

Breach Type - Cryptojack/Other

KCRA

  • Behavioral health and recovery services computer network compromised by ransomware
  • Stanislaus Co. has mitigated ransomware attacks in past
  • Shut down and quarantined infected networks
  • All behavioral health recovery services remain available to patients
Read More
The Modesto Bee

  • Hackers demanded $65,000 in bitcoin
  • County does not intend to pay ransom
Read More

 
City of Sacramento, Sacramento Co.

Breach Type - Phishing, Data Breach

City of Sacramento IT Department

  • City compromised by unknown source
  • City employment applicants affected in data breach
Read More
Sacramento Business Journal

  • Cyber attack potentially compromised 550 job applicants
  • 2017 breach result of "very creative" phishing scam
Read More

 
Los Angeles Superior Court Employees

Breach Type - Phishing

Washington Times

  • 500 employees received fraudulent emails
  • Emails led to fake websites asking for account credentials
  • Less than a dozen employees fell for phishing scam
  • 31 year old Texas Resident responsible for hack
Read More

 
Sacramento Regional Transit

Breach Type - Ransomware

Sacramento Bee

  • Hackers demand $8,000 ransom
  • Attack erased necessary computer programs affecting internal operations
  • Determined that no data was stolen
Read More

 
City of Oceanside, San Diego County

Breach Type - Other, Data Breach

California Office of Attorney General

  • Costumer payment card compromised through City of Oceanside’s Utility Bill Payment Services
  • City contracted with cybersecurity expert to investigate
  • Malicious code had infiltrated the vendor supported online payment system
Read More

 
Los Angeles County Board of Supervisors

Breach Type - Hack

SCV News

  • Website homepage displayed pro-ISIS propaganda
  • 1 of 4 U.S. websites hacked the same way
  • Team System Dz claims responsibility for attack
Read More

 
Los Angeles County

Breach Type - Hack

Fox News

  • Possible exposure of 750,000+ personal data
  • Nigerian hacker identified as Kevin Onaghinor
  • Phishing email deceived 108 county officials into entering email and passwords
  • There has been no evidence that confidential information was breached
Read More

 
San Francisco's Municipal Transportation Agency

Breach Type - Ransomware

ARS Technica

  • Crypto-ransomware infects Muni system networks
  • Hacker asks for $73,000
  • Hacker gave email address associated with Mamba and HDDCryptor
  • No information was compromised and systems returned to regular operations
Read More
NY Times

  • SFMTA states they never considered paying the ransom
  • Malware infected systems through an email link
Read More

 
Yuba City

Breach Type - Ransomware

Appeal Democrat

  • Attacked by ransomware virus, IT department quickly tracked and shut down network
  • 4 of 350 computers infected with the virus
  • No data lost or compromised, hacker was not paid ransom
Read More

 
Los Angeles County Health Department

Breach Type - Ransomware

LA Times

  • Remnants of ransomware thread on five computers
  • Operations not affected
  • County is aggressive in preventing cyber attacks
Read More
Data Breaches

  • County did not pay ransom
Read More

 
BACK TO TOP

Medical

Marin Community Clinics, Marin County

Breach Type - Unknown, Ransomware

Marinij

  • A cyber attack on Marin systems rendered clinics without computers until the following Friday afternoon
  • In an attempt to regain services an unknown amount of ransom was paid out following advice of a network operator
  • In order to maintain normal operations all staff resorted to using paper and it was expected there was no data lost
Read More

 
Shingle Springs Health and Wellness Center, El Dorado County

Breach Type - Unknown, Ransomware

HIPAA Journal

  • Over 20,000 patients were potentially exposed due to a ransom attack that occurred
  • The center is attempting to repair and update the systems following a new server installation
  • The attack may have been an attempt to gain money on the attackers side with private information as another potential extort
Read More

 
Podiatric Offices of Bobby Yee, Monterey County

Breach Type - Ransomware

Data Breaches

  • Podiatric Offices of Bobby Yee fell victim to ransomware attack
  • Unauthorized alteration and potential corruption of private patient data
  • No evidence surfaced that data was exfiltrated
Read More

 
National Ambulatory Hernia Institute, Orange County

Breach Type - Phishing, Ransomware

Data Breaches

  • Malicious email address delivers Gamma ransomware attack to National Ambulatory Hernia Institute server
  • Some private patient data potentially accessible by hackers
  • All data has since been moved to an off-site server and steps have been taken to eliminate future breach
  • Robust firewall and antivirus services purchased to combat future threats
Read More

 
Guardant Health, San Mateo County

Breach Type - Phishing, Data Breach

San Francisco Business Times

  • Hackers obtain private patient data
  • Guardant Health fell victim to phishing scheme
  • 1,100 patients potentially affected by breach
Read More

 
San Francisco Institute on Aging, San Francisco County

Breach Type - Phishing, Data Breach

California Department of Justice

  • Hackers access Institute on Aging Employee email account
  • Account contained private health and financial data of patients
  • At least 3,907 residents of California potentially affected in data breach
Read More

 
Center for Orthapaedic Specialists

Breach Type - Ransomware

DataBreaches

  • Center has three locations in CA – all affected in cyber attack
  • Hackers infected the main server with ransomware
  • Informed 85,000 current and former patients of potential data breach
  • Notified law enforcement & offered identity protection to those possibly affected
Read More

 
Sangamo Therapeutics, Inc.

Breach Type - Hack

DataBreaches

  • Senior executive's email account compromised
  • Sangamo notified federal law enforcement about breach
  • Personal information accessed and may be compromised
Read More

 
White & Bright Dental

Breach Type - Hack

Office of Attorney General

  • White & Bright notifies patients on breach of computer server with sensitive information
  • All personal information of patients could have been accessed
  • Advises those potentially affected to be vigilant of their data &provides credit monitoring
Read More

 
Ron’s Pharmacy Services, San Diego County

Breach Type - Hack

Ron's Pharmacy Services

  • Hack affected employee email account of Ron's Pharmacy Services
  • Hackers viewed limited information contained in account
  • No Social Security numbers or private financial information accessed
Read More

 
Community Memorial Health System

Breach Type - Phishing

VC Star

  • Email phishing scam leads to security breach
  • 959 patients’ personal information potentially accessed
  • Agency offering affected individuals free identity protection/credit monitoring services
  • Security measures taken and employees given additional training
Read More

 
University of California, Davis Health

Breach Type - Phishing

Healthcare IT News

  • Davis Health employee fell victim to phishing scheme
  • Hackers able to access & obtain patient PHI
  • 15,000 patients potentially affected in breach
Read More

 
East Valley Community Health Center

Breach Type - Ransomware

HIPAA Journal

  • Center notifies 65,000 patients of potential breach following ransomware attack
  • Limited data potentially accessed not including financial information
  • Ransomware variant known as Troldesh/Shade
  • Preventative steps taken to reduce likelihood of future attacks
Read More

 
Bay Sleep Clinic

Breach Type - Accidental Data Breach

DataBreaches

  • Clinic offers video monitoring of patients
  • Did not properly secure a camera and video footage of a patient could be viewed by anyone
  • Miscellaneous source reported to DataBreaches the video was on insecam.com
  • DataBreaches reached out to Bay Sleep Clinic with urgency, did not receive a response
Read More

 
USC Keck and Norris Hospitals

Breach Type - Ransomware

Keck Medicine

  • Ransomware discovered on two servers
  • Attack isolated to avoid spread to other servers
  • Fully remediated situation, restored data from encrypted folders to servers
  • No ransom paid
  • As a precaution: notified patients whose health or other personal data was in affected folders
Read More

 
Yuba-Sutter Medical Clinic

Breach Type - Ransomware

DataBreaches

  • Notifies patients ransomware attack took place in early August
  • Regained access quickly and no data was lost
  • Experienced some delays in accessing internal information
  • No personal information released or exfiltrated
Read More

 
Marin Medical Practices Concepts

Breach Type - Ransomware

Mercury News

  • Paid a ransom to regain access to data
  • Amount of paid ransom remains unknown
  • Declined to say whether law enforcement was involved
  • No evidence that patients’ data was accessed
Read More

 
State Health Insurance Website

Breach Type - Security Vulnerabilities

AP News

  • Federal investigators found significant cyber security vulnerabilities
  • Vulnerabilities could enable hackers to access a wealth of sensitive personal data
  • Weaknesses found by Government Accountability Office
  • Officials in California said there is no evidence hackers have stolen anything
Read More

 
BACK TO TOP

Education

Sylvan Unified School District, Stanislaus County

Breach Type - Unknown, Malware

Modbee

  • The school district put in a ticket for an attack launched against their computer system
  • Costs were easily over $100,000 in attempts to repair systems in over 10 schools
  • Staff were unable to use basic network features and report cards and state testing were delayed
Read More

 
Carmel Unified School District, Monterey County

Breach Type - Phishing, Data Breach

Data Breaches

  • Carmel Unified School District successfully attacked by phishing
  • Acquired documents potentially included SS numbers, marriage certificates, birth certificates, and other sensitive documentation
  • School District stated they would improve data security going forward
Read More

 
Centinela Valley Union High School District, Los Angeles County

Breach Type - Phishing, Data Breach

Data Breaches

  • Sensitive W2 employee information may have been compromised
  • Hackers disguised phishing email as one from inside of the school district
  • IRS and federal law enforcement has been contacted regarding this incident
Read More

 
San Diego Unified School District, San Diego County

Breach Type - Phishing, Data Breach

News Week

  • Hackers gathered network access log-in information from staff
  • Used log-in information to access district’s network services, including the district student database
  • Personal data may have been compromised
Read More

 
Sacramento State University, Sacramento County

Breach Type - Phishing, Other

State Hornet

  • Sacramento State reported 350+ compromised accounts due to phishing attack
  • Malicious IP addresses originated in the United Kingdom
  • Students and staff advised to update university account credentials
Read More

 
Ygnacio Valley High School, Contra Costa County

Breach Type - Phishing

KTVU

  • High school student uses phishing scheme to infiltrate Mount Diablo Unified School District IT Network
  • Sent phishing scheme to teachers & the teachers entered account credentials into malicious website
  • Student changed grades of multiple students
Read More

 
Long Beach City College

Breach Type - Hack

Long Beach Post

  • Technology systems down due to malware
  • Employee email system down & enrollment/payment software for students down
  • Classes continue despite attack
Read More

 
Ventura County's Office of Education

Breach Type - Hack

VC Star

  • Websites of numerous school districts went offline
  • 7 total websites down
  • Websites hacked with pro-ISIS propaganda
  • Part of multiple website hacks of government/education across United States
Read More

 
Los Angeles Valley College

Breach Type - Ransomware

Bleeping Computer

  • Hackers gave one-week deadline for ransom money
  • District Board agreed to use money in their cyber insurance funds
  • Los Angeles Community College District paid $28,000 ransom
Read More

 
Kern County Superintendent of Schools

Breach Type - Phishing

DataBreaches

  • Kern County payroll department fell victim to phishing scam
  • Employees notified same day of breach
  • Personal information of more than 2,500 employees starting in 2015, was breached
Read More

 
BACK TO TOP