Florida Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Florida.jpg
 

Public Safety

Riviera Beach Police Department & City of Riviera Beach, Palm Beach County

Breach Type - Phishing, Ransomware

WPDF

  • Florida city's email and computer systems were disabled in a cyber attack, local PD required to take nearly 300 reports by hand, daily
  • Infiltration came from email phishing that employee opened, city officials sought to approve finances to get critical systems restored
  • Riviera Beach Police Chief warned that with systems down, PD was unable to verify criminal history checks, among others
Read More
Star Tribune

  • City agreed to pay hackers $600,000 in an attempt to save locked up data
  • City Council voted unanimously to move forward with payment after determining they had no other option to retrieve lost records
  • 9-1-1 dispatch personnel were unable to enter calls into the computer system and found manual work arounds to prevent delay in response time
Read More

 
City of Stuart, Martin County

Breach Type - Unknown, Ransomware

TC Palm

  • A computer virus has shut down city servers blocking public contacts
  • 911 systems were left unaffected as the virus was isolated and systems are being restored
  • The servers will be reactivated before the emails will be restored as there are now planned upgrades to the systems
Read More
TC Palm

  • A Trikbot had been used that can lead to larger damage in the long run along with a Ryuk virus
  • No negotiations were made and the servers are being inspected to find how the virus initially entered the systems
  • Even the ransomware message was not entertained as officials refuse to state what the message said
Read More
WPTV

  • The ransomware targeted the city causing communications with police, commissioners, and other staff to be interrupted
  • Police also were forced to handwrite reports and documents, not affecting public safety
Read More

 
Leon County Sheriff's Office

Breach Type - Virus

abc 27 WTXL

  • Sheriff's Office & State Attorney's Office impacted by computer virus
  • Virus prohibits victim from sending documents
  • Leon County Clerk of Courts experienced similar issues
Read More
Tallahassee Democrat

  • Aggressive worm virus causes abnormal computer behavior throughout Leon county
  • Forced employees of the county to rely on notepads for work
  • No information lost or compromised in the process
  • Leon County never fully down – slower process for daily tasks
Read More

 
Flagler Sheriff's Office

Breach Type - Hack

Flagler Live

  • Sheriff's website hacked to show clickbait and vulgar content
  • Confusion between IT department and Google made it difficult to identify the problem
  • Weakness in firewalls left website vulnerable to malicious malware
Read More

 
Town of Palm Beach 911 Services

Breach Type - Ransomware

CBS 12

  • Computer systems targeted twice in two weeks
  • Dispatchers used notepads to record calls
  • Restored systems without paying ransom
Read More

 
BACK TO TOP

Local Government

City of Naples, Collier County

Breach Type – Phishing, Other

Fox4now

  • City of Naples victim of cyber scam, losing $700k during attack
  • Bad actors claimed funds would be used for construction project
  • City admitted it was victim of cyber attack, worked with law enforcement
Read More
Napelsnews

  • City officials advised that data breach did not occur
  • $700k loss was part of sophisticated cyber scam
  • Money was paid to fake bank account believed to be contractor
Read More

 
Village of Palm Springs, Palm Beach County

Breach Type - Phishing, Ransomware

WPTV

  • Village Manager confirms a cyber attack occurred about a year ago – Ransomware called Amnesia 3
  • Believed that phishing email compromised systems and allowed for injection of malware
  • Hackers split ransom into 3 keys and village paid for 2 out of 3 ~$1,200 worth of Bitcoin
  • Hired an IT Director and outside IT firm to prepare for any future attacks
Read More

 
City of Mexico Beach, Bay County

Breach Type - Unknown, Ransomware

WJHG

  • During early April the City of Mexico Beach experienced a ransomware attack locking users out of their systems
  • One officer had managed to stop another cyber attack, IT professionals are directing the county to decryption services
  • After the attack the city had decided to renew their security systems and add several layers of defense
Read More

 
Village of Key Biscayne, Miami-Dade County

Breach Type - Unknown, Ransomware

Miami CBS Local

  • Key Biscayne was one of many Florida cities to report a cyber attack on their networks
  • The security “event” was noticed and outside parties meant to aid in investigations were brought in
Read More
Ars Technica

  • Key Biscayne is among 3 other governments joining Lake City on the list of places affected by the Ryuk ransomware
  • All three cases have shown the origin of the virus to be from employee mistakes as employees open links/attachments in emails
  • One concern is that Key Biscayne is one of the smaller communities, yet it has been targeted as well as larger groups almost four times in size
Read More

 
Lake City, Columbia County

Breach Type - Unknown, Ransomware

WCJB

  • Lake City was targeted by a multi staged attack that combines several methods to target systems
  • Several systems have been compromised and no longer can be used including land lines
  • Emergency services are still operable and remain intact after all attacks
Read More
Cyware

  • Public safety networks were protected and isolated with several layers such as encryption nets
  • Bill payments are no longer electronic and require paper receipts and hand written bills
  • Resorting to hand written bills for both utility and water payments has been used to aid in services
Read More
Action News Jax

  • After several attempts to fix this situation Lake City has decided to try and pay $460,000 in ransom to regain systems
  • It has been discovered that an employee had corrupted the systems by opening an email that spread within the network
Read More

 
City of Gainesville Architect, Alachua County

Breach Type - Phishing, Malware

News4 Jax

  • An employee had noticed several red flags following an email received
  • Details were amiss such as training dates not being expired and the email seemingly coming from a city architect
  • Once the correct contacts were made it was discovered that this was a large scale virus even going to the president of the US
Read More

 
Tallahassee City Manager’s Email, Leon County

Breach Type - Phishing, Malware

Tallahassee

  • The city manager’s email was taken over and used to send out a Dropbox link
  • Within the link was a virus meant to compromise systems
  • This email that had originated externally does not have seemed to cause any everlasting effects
Read More

 
City of Tallahassee Payroll System, Leon County

Breach Type - Hacking, Other

Tallahassee

  • 200 employees weren’t able to receive their paychecks following a hack into city payroll systems
  • Direct deposits were denied as the attack internally caused damage
  • IT is looking into if the attack was truly contained and attempt to reinforce their systems
Read More

 
Florida Keys Community College, Monroe County

Phishing, Data Breach

PR Newswire

  • The college is taking action after being exposed to an email campaign compromising several email accounts
  • Accounts that were exposed were looked into to determine what information was accessed
  • After investigation it was determined that sensitive personal information including social security was exposed
Read More

 
City of Pompano Beach, Broward County

Hacking, Data Breach

Sun Sentinel

  • Hackers accessed database of thousands of customer payment methods
  • Over 3,500 people were exposed after credit card company noted fraudulent charges
  • Tech department is consistently working to fix and patch issues as they arise
Read More

 
Town of Jupiter, Palm Beach County

Breach Type - Ransomware

CBS 12

  • Computer systems were down during malware attack
  • Source of malware reportedly encrypted data, demanding money for return of the files
  • Town of Jupiter did not pay ransom
  • Files restored & affected systems brought back online
Read More

 
City of Green Cove Springs, Clay County

Breach Type - Phishing, Malware

Clay Today Online

  • Phishing emails infiltrated several Clay county computers
  • Green Cove Springs employees opened malicious email attachments containing virus
  • Clicking the link allowed the virus to spread more
Read More

 
Florida Department of Health (Children’s Medical Services)

Breach Type - Phishing, Data Breach

PNJ

  • Data breach potentially compromised information of patients in 4 Florida counties
  • Department of Health employee’s email account compromised by hackers
  • Affected employee’s login credentials reset to terminate any inappropriate access
Read More

 
City of Lake Worth, Palm Beach County

Breach Type - Other, Data Breach

WPTV

  • City customers who payed online utility bills affected in data breach
  • Lake Worth advised those affected to monitor credit card bills for fraudulent charges
  • City vendor has taken steps to further neutralize the breach
Read More

 
City of St. Petersburg, Pinellas County

Breach Type - Other, Data Breach

St. Petersburg

  • Click2Gov informed city of malicious software found on server
  • Payment site immediately shut down to prevent access
  • Click2Gov pages used to accept credit card information had been breached
Read More

 
Reedy Creek Improvement District, Orange Co. & Osceola Co.

Breach Type - Phishing/Other

Orlando Sentinel

  • Disney's government fell victim to email hacking scheme
  • Employee sent approximately $722,000 to faulty vendor
  • Orange County Sheriff reports that only $94,000 left unrecovered
Read More

 
City of Lake Worth, Palm Beach County

Breach Type - Other, Data Breach

My Palm Beach Post

  • Click2Gov vulnerability affected utility customers of City of Lake Worth
  • Data breach hit customers throughout the 2017 year
  • One of longer Click2Gov breaches discovered of many cities hit
Read More

 
The Village of Wellington, Palm Beach Co.

Breach Type - Other/Vulnerability/Cryptojack

WPTV

  • Unauthorized charges on citizens' credit cards lead to discovery of exploited vulnerabilities in Wellington's utility bill pay system
  • Similar vulnerability found in system used by Oxnard, California
  • Village of Wellington notifies potentially compromised residents
Read More
GovTech

  • Hackers originally exploited vulnerability to crypto-mine Bitcoin cryptocurrency
  • Hackers expanded to include sophisticated skimmers to capture credit card numbers
Read More

 
City of Lake Worth Automatic Alert System, Palm Beach County

Breach Type - Phishing, Other

Gizmodo

  • Hackers infiltrated Lake Worth Automatic Alert system & changed alert messages
  • The culprits were responsible for reoccurring attacks since August 2017
  • Alerts went out to citizens were mainly pranks tainted with “zombie” related messages
Read More
My Palm Beach Post

  • FBI and FCC attracted by zombie-hoax hack
  • Hackers gained access to notification alert system via email phishing
  • Lake Worth City email compromised & re-wrote message
Read More

 
Okaloosa County Water & Sewer Department, Okaloosa County

Breach Type - Other, Data Breach

Okaloosa County

  • Several banks alerted the County to unauthorized charges on cards used to pay county water bills
  • Online payment system breached
  • System disabled until further secured
Read More

 
Lee County Tax Collector Email

Breach Type - Hack

Wink News

  • Tax collector's device compromised
  • Account was disabled
  • Spam emails sent out via tax collector's account
  • Office of Lee County has warned others about incident
Read More

 
Florida's Agency for Health Care Administration

Breach Type - Phishing

AP News

  • Employee fell victim to malicious phishing email
  • Hackers potentially accessed private files of over 30,000 Medicaid Recipients
  • Administration has no reason to believe that information is being misused
  • Re-training employees on proper security protocol
Read More

 
City of Ormond Beach, Volusia

Breach Type - Other, Data Breach

Daytona Beach News-Journal

  • City’s online payment system potentially breached
  • Police launched investigation
  • 175 customers saw fraudulent activity on their payment cards
  • Superion web payment vendor notified of the issue
Read More

 
Leon County ISIS Propaganda

Breach Type - Hack

USA Today

  • No valuable data compromised during hack
  • Propaganda, of North Korean Leader and ISIS, displayed on webpage for a few minutes
  • Hack on Leon County may be a random attack
  • Hacked by “Moroccan Islamic Union-Mail” - group that often hacks government website
Read More

 
Hillsborough Co, Pasco Co, Citrus Co, Clay Co, Volusia Co

Breach Type - Phishing

Tampa Bay Times

  • Russian hackers aimed to break into computer systems before the 2016 Presidential Election
  • Five county officials reported they received malicious emails
  • No publicly disclosed evidence shows that the counties were breached
  • Unclear how many counties received malicious emails/were originally targeted
Read More

 
Florida Department of Agriculture and Consumer Services

Breach Type - Hack

WPTV

  • Hackers may have obtained info on 16,000+ concealed weapon owners
  • Data breach originated overseas
  • Of the affected weapon owners, 500 social security numbers were obtained
  • Active investigation into this case
  • Only those renewing permits online were affected
Read More

 
Marion County

Breach Type - Ransomware

Marion County Office

  • County’s IT department claims multiple ransomware attacks launched
  • Each incident, considered isolated attacks, have been handled accordingly
  • Staff to block email attachments
  • IT will simulate phishing attempt training to employees of the count
Read More

 
City of Sarasota

Breach Type - Ransomware

My Suncoast

  • Employee received email with ransomware
  • Data held hostage and systems offline
  • City refused to pay ransom, utilized IT department
  • Recovered most of the lost files
Read More

 
Palm Beach County Department of Health

Breach Type - Hack

Palm Beach Flordia Health

  • Unauthorized access & possible misuse of information caused by hackers
  • All personal/financial information for clients of Palm Beach Co. Health Dep. potentially affected
  • Clients notified and advised to monitor credit information
Read More

 
BACK TO TOP

Medical

Clearway Pain Solutions Institute, Escambia County

Breach Type - Hacking, Data Breach

Data Breaches

  • A third party had accessed the institute’s EMR system leading patients to be notified
  • Following the attack all users have been analyzed with validations to access levels
  • To help prevent any fraud due to patient exposure, people have been offered a membership to protect individuals
Read More

 
AdventHealth Medical Group Pulmonary & Sleep Medicine, Lake County

Breach Type - Hacking, Data Breach

Click Orlando

  • Sensitive patient information may have been exposed
  • A third party had hacked into the system and compromised security
  • Sensitive information regarding social security and more may have been compromised
Read More

 
FABEN Obstetrics and Gynecology, Duval County

Breach Type – Ransomware

Data Breaches

  • The medical clinic was infected with ransomware
  • It was detected quickly but it has not been disclosed how it happened
  • Infected files were deleted even though there were no backups of some files
Read More

 
Family Physicians Group, Orange County

Breach Type - Phishing, Data Breach

Orlando Sentinel

  • Family Physicians Group affected by hacking incident
  • Phishing attack on employee’s email account compromised personal health information
  • 8,400 patients notified of data breach
Read More

 
Cancer Treatment Centers of America, Palm Beach County

Breach Type - Phishing, Data Breach

WFLA

  • Cyber criminals targeted CTCA employees via phishing scheme
  • Personal information of 41,948 patients of Cancer Treatment Centers of America potentially compromised in data breach
  • Medical information and cancer types exposed in breach
Read More

 
Health First, Inc., Brevard County

Breach Type - Phishing, Data Breach

Data Breaches

  • Health First, Inc. notified HHS of a breach that affected 42,000 patients
  • Health First employees fell victim to phishing scam which compromised customer information
  • Though cyber criminals did not appear interested in obtaining personal data – a limited number of emails viewed contained protected health information
Read More

 
Health Management Concepts, Inc., Palm Beach County

Breach Type - Ransomware

Office of Attorney General

  • HMC server compromised with malicious ransomware
  • Ransom paid in attempt to decrypt data
  • Confidential patient data inadvertently provided to hackers
Read More

 
Florida Agency for Persons with Disabilities, Leon Co.

Breach Type - Phishing/Data Breach

APD Cares

  • Malicious phishing email compromised systems of Florida Agency for Persons with Disabilities
  • 1,951 APD patients potentially affected in data breach
  • APD upgraded security systems to further prevent unauthorized access to private information
Read More

 
Florida Hospital Websites

Breach Type - Hack

Orlando Sentinel

  • Malware compromises 3 Florida Hospital websites: FloridaBariatric, FHOrthoInstitute, and FHExecutiveHealth
  • Websites taken offline to repair malicious software
  • Some sensitive patient data potentially at risk
Read More

 
Guardian Pharmacy of Jacksonville, LLC.

Breach Type - Hack

DataBreaches

  • Hacker manipulated an employee email account
  • Obtained unauthorized access to limited patient information
  • A small group of individuals' financial records potentially accessed
Read More

 
St. Mark's Surgical Center

Breach Type - Ransomware

Health Data Management

  • 33,887 individuals potentially affected
  • No indication of improper use of patient's personal data
  • St. Mark's has taken multiple steps to protect data in the future
  • Offering potentially affected individuals identity protection and free credit monitoring
Read More

 
Greenway Health

Breach Type - Ransomware

DataBreaches

  • Greenway Health working with law enforcement & FBI
  • No patient data has been exfiltrated or otherwise misused
  • Incident isolated to Tampa location
Read More
DataBreaches: Updates

  • 400 of Greenway Health client EHR services affected
  • At least half of the systems have been restored
Read More

 
BACK TO TOP

Education

University of Florida (Student Government Websites), Alachua County

Breach Type – Hacking, Other: Website Defacement

WCJB

  • There were various websites hacked associated with the university's website
  • Data on the websites was replaced with obscenities and political messages prompting the sites to be restored the same day
Read More

 
Monroe County School District, Monroe County

Breach Type - Ransomware

Miami Herald

  • Monroe County School District fell victim to ransomware variant known as GandCrab
  • Ransomware encrypted data twice before Monroe fully recovered
  • There was no threat to student data
Read More

 
Florida Virtual School

Breach Type - Hack

Miami Herald

  • More than 350,000 potentially affected associates of Florida Virtual School
  • More than 1,800 Leon County school teachers had had private financial info exposed in attack
  • Florida Virtual School discovered hack 2 years later, offering free identity protection services
Read More

 
Walton School District

Breach Type - Phishing

WJHG

  • Walton School District employees fall victim to spear-phishing scheme
  • District implementing additional safeguard to ensure potentially affected individuals are protected
  • District notified employees, IRS, and local authorities
  • Thirty people potentially impacted by breach
Read More

 
Manatee County School District

Breach Type - Phishing

Bradenton Herald

  • Employees of school district fall victim to spear-phishing scheme
  • Sent W-2 forms of all district employees to hackers
  • District's cyber insurance may help pay for costs of attack
Read More
 
BACK TO TOP