Colorado Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Colorado.jpg
 

Public Safety

No attacks logged to date.


BACK TO TOP

Local Government

City of Lafayette, Boulder County

Breach Type – Unknown, Ransomware

Beloit Daily News

  • A public statement was made about the city’s compromised computer systems and the ransom that was demanded
  • Many of the city’s systems were rendered offline as bad actors hacked the city’s networks
  • Following investigations it was discovered that a phishing scam lead to the ransomware attack
Read More
Colorado Hometown Weekly

  • Officials are now warning that sensitive information may have been compromised despite earlier beliefs
  • Usernames, passwords and other sensitive data like social securities were potentially exposed causing risk of privacy
  • Officials still declare that they are unwarare of any misuse of the data at this time
Read More

 
Arapahoe County Government Systems, Arapahoe County

Breach Type – Phishing, Malware

Colorado Politics

  • Employee fell victim of phishing cyberattack
  • Seemingly legitimate CDC email contained malware
  • County officials reviewed the incident with the employee
Read More

 
Denver Public Library, Adams, Arapahoe, & Jefferson Counties

Breach Type – Unknown, Ransomware

Denverite

  • Library's computers and system were left frozen after cyberattack
  • Bad actors utilized ransomware during their hit on the public library
  • Officials refused to comment on frequency or originating location
Read More

 
City of Aurora, Arapahoe County

Breach Type – Hacking, Data Breach

9 News

  • City of Aurora was recent victim of Click2Gov data breach
  • Citizens paying their utility bill likely had names, card numbers leaked
  • City transitioned to new Paymentus system to avoid further issues
Read More

 
Town of Erie, Boulder Co. & Weld Co.

Breach Type – Phishing, Other

Denver CBS Local

  • Town officials sent over $1,000,000 to a bad actor's account
  • Bad actor claimed to be construction contractor hired by the town
  • Officials discovered that the money was wire transferred out of country
Read More

 
Archuleta County Government Systems, Archuleta County

Breach Type – Unknown, Ransomware

Pagosa Sun

  • Emergency services and dispatch remained unaffected in ransomware cyberattack
  • IT officials worked to restore systems as quickly as possible, estimated 48 hours
  • County email among systems affected by the ransomware attack
Read More
Pagosa Sun

  • Bad actors demanded $300,000 in bitcoin
  • Ransomware cyberattack encrypted all county servers
Read More

 
Fort Collins Loveland Water District and South Fort Collins Sanitation District, Larimer County

Breach Type - Unknown, Ransomware

RGJ

  • When employees went into work they could not access information including drawings and data on their computers
  • This had been the second attack in two years that the districts had fallen victim to in the past two years
  • It would seem that ransom was demanded but it had not been entertained at all by the districts and instead data was recovered without the hackers
Read More

 
Colorado Attorney General’s Office

Breach Type - Hacking, Cryptojacking

Bad Packets

  • Half a million Drupal websites affected by vulnerability
  • Websites scanned for cryptojacking script
  • 258 websites contained the reference to the malicious domain
  • The website of the Colorado Attorney General was compromised
  • The incident was reported to the US-CERT and an incident number was assigned by the NCCIC Security Operations Center thereafter
Read More

 
Colorado Department of Transportation 2nd Hit

Breach Type - Ransomware

The Denver Channel

  • A week after first ransomware hit, malicious variant hits 2nd time
  • System immediately shutdown, affecting 2,000 employees
  • Attack will not affect critical traffic operations
Read More

 
Colorado Department of Transportation

Breach Type - Ransomware

Denver Post

  • SamSam ransomware virus hijacks computers at CDOT
  • Office of Information Technology and FBI investigating incident
  • CDOT has no intention to pay ransom
Read More

 
Mental Health Institute at Pueblo, Department of Human Services

Breach Type - Phishing

Colorado Politics

  • Employee falls for phishing scam on state computer
  • No evidence that phishers accessed/misused data
  • Personal information may have been compromised
  • Read More

 
Englewood City

Breach Type - Ransomware

Englewood Herald

  • Ransomware virus impacted municipal systems and networks
  • Denver IT helped to wipe and restore systems
  • City did not pay a ransom
  • No personal information was compromised
Read More

 
Colorado State Election System

Breach Type - Hack

The Hill

  • Target of Russian Election Hacking
  • DHS notifies states a year later
  • Election systems are critical infrastructure
Read More

 
Town of Snowmass Village

Breach Type - Phishing

Aspen Daily News

  • Scammers steal $57,396 from village
  • Fraudulent email asking for wired money for construction materials
  • No personal information was compromised
  • Other internal financial procedures have since been altered
Read More

 
Larimer County

Breach Type - Hack

9 News

  • Computer systems had limited functions
  • 911 dispatch & emergency services were not affected
  • Landfill services most affected
Read More

 
BACK TO TOP

Medical

The Mental Health Center of Boulder County Inc.

Breach Type – Unknown, Data Breach

Daily Camera

  • Client and employee information likely accessed during data breach
  • Names, dates of birth, Social Security numbers among involved info
  • Healthcare center provided credit monitoring services to affected individuals
Read More

 
Children's Hospital of Colorado, Adams County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review

  • Over 2,500 patients were contacted following a phishing scheme that potentially exposed sensitive information
  • Information that may have been exposed included names, date of services, medical record numbers, ZIP codes and clinical diagnosis information
  • There is no evidence that the data is being used in a bad manner prompting the hospital to take security measures
Read More

 
Rangely District Hospital, Rio Blanco County

Breach Type – Unknown, Ransomware

The Herald Times

  • Unknown number of patients' information leaked following ransomware
  • Healthcare center was able to restore most data from backups
  • Officials confirmed that they did not pay the ransom, hired outside IT
Read More

 
Parkville Medical Center, Pueblo County

Breach Type – Unknown, Ransomware

KOAA News 5

  • Numerous systems were hit in ransomware cyberattack
  • Officials reassured the public that patients could still be treated
  • Healthcare center worked diligently to restore services
Read More
FOX 21 News

  • Healthcare center employee confirmed patient storage hit
  • Bad actor's used ransomware in cyberattack
  • Employee confirmed hospital was forced to utilize paper records
Read More

 
Estes Park Health, Larimer County

Breach Type - Unknown, Ransomware

Eptrail

  • During normal operations it was noticed that several files were being locked down
  • Upon discovery servers were shut down and access to the data center was cut off
  • In an attempt to recover data, EPH paid the ransomware additionally using their insurance to pay
Read More

 
Long Peaks Family Practice

Breach Type - Ransomware

Healthcare IT News

  • Hit with two ransomware attacks Nov. 5th & Nov. 10th
  • IT team too late to protect servers before hackers could encrypt files
  • Rebuilt systems thanks to backups
  • Hired investigators to help with second attack
  • Investigators concluded hackers accessed system on three separate occasions
  • Patient files potentially accessed
  • Practice offering a year of free credit monitoring to potentially affected patients
Read More

 
Edina Fertility Clinic

Breach Type - Ransomware

Star Tribune

  • Ransomware launches on Edina Fertility Clinic
  • Patients worried about personal data being accessible
  • No evidence of information misuse has surfaced
Read More

 
Children's Hospital Colorado

Breach Type - Hack

KDVR

  • Employee email account hacked
  • 3,400 patient families potentially affected
  • No sensitive financial information compromised
Read More

 
Allergy, Asthma & Immunology of the Rockies

Breach Type - Ransomware

Health IT Security

  • Discovered ransomware on its computer systems (EMR Systems)
  • IT specialists recommended completely replacing hard drives
  • Systems restored and safely brought back online
Read More

 
BACK TO TOP

Education

Regis University, Denver County

Breach Type – Unknown, Ransomware

The Denver Channel

  • University officials disabled computer network
  • Officials believed it would help mitigate damage
  • IT staff continued to investigate the cyberattack
Read More
9 News

  • 1,800 computers infected during ransomware cyberattack
  • Officials believed bad actors originated outside the country
  • IT staff continued to work on restoring the computers
Read More

 
Denver Public Schools

Breach Type - Phishing

KDVR

  • Direct deposit phishing scam leaves $40,000 stolen from employees
  • Training for phishing scams and firewalls were not enough to bypass incident
  • Malicious email extremely convincing, 30 employees fell for it
  • School district has since repaid employees
Read More


 
BACK TO TOP