Florida Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Florida.jpg
 

Public Safety

Riviera Beach Police Department & City of Riviera Beach, Palm Beach County

Breach Type - Phishing, Malware

WPDF

  • Florida city's email and computer systems were disabled in a cyber attack, local PD required to take nearly 300 reports by hand, daily
  • Infiltration came from email phishing that employee opened, city officials sought to approve finances to get critical systems restored
  • Riviera Beach Police Chief warned that with systems down, PD was unable to verify criminal history checks, among others
Read More

 
City of Stuart, Martin County

Breach Type - Unknown, Ransomware

TC Palm

  • A computer virus has shut down city servers blocking public contacts
  • 911 systems were left unaffected as the virus was isolated and systems are being restored
  • The servers will be reactivated before the emails will be restored as there are now planned upgrades to the systems
Read More
TC Palm

  • A Trikbot had been used that can lead to larger damage in the long run along with a Ryuk virus
  • No negotiations were made and the servers are being inspected to find how the virus initially entered the systems
  • Even the ransomware message was not entertained as officials refuse to state what the message said
Read More
WPTV

  • The ransomware targeted the city causing communications with police, commissioners, and other staff to be interrupted
  • Police also were forced to handwrite reports and documents, not affecting public safety
Read More

 
Leon County Sheriff's Office

Breach Type - Virus

abc 27 WTXL

  • Sheriff's Office & State Attorney's Office impacted by computer virus
  • Virus prohibits victim from sending documents
  • Leon County Clerk of Courts experienced similar issues
Read More
Tallahassee Democrat

  • Aggressive worm virus causes abnormal computer behavior throughout Leon county
  • Forced employees of the county to rely on notepads for work
  • No information lost or compromised in the process
  • Leon County never fully down – slower process for daily tasks
Read More

 
Flagler Sheriff's Office

Breach Type - Hack

Flagler Live

  • Sheriff's website hacked to show clickbait and vulgar content
  • Confusion between IT department and Google made it difficult to identify the problem
  • Weakness in firewalls left website vulnerable to malicious malware
Read More

 
Town of Palm Beach 911 Services

Breach Type - Ransomware

CBS 12

  • Computer systems targeted twice in two weeks
  • Dispatchers used notepads to record calls
  • Restored systems without paying ransom
Read More

 
BACK TO TOP

Local Government

Lake City, Columbia County

Breach Type - Unknown, Ransomware

WCJB

  • Lake City was targeted by a multi staged attack that combines several methods to target systems
  • Several systems have been compromised and no longer can be used including land lines
  • Emergency services are still operable and remain intact after all attacks
Read More
Cyware

  • Public safety networks were protected and isolated with several layers such as encryption nets
  • Bill payments are no longer electronic and require paper receipts and hand written bills
  • Resorting to hand written bills for both utility and water payments has been used to aid in services
Read More

 
City of Gainesville Architect, Alachua County

Breach Type - Phishing, Malware

News4 Jax

  • An employee had noticed several red flags following an email received
  • Details were amiss such as training dates not being expired and the email seemingly coming from a city architect
  • Once the correct contacts were made it was discovered that this was a large scale virus even going to the president of the US
Read More

 
Tallahassee City Manager’s Email, Leon County

Breach Type - Phishing, Malware

Tallahassee

  • The city manager’s email was taken over and used to send out a Dropbox link
  • Within the link was a virus meant to compromise systems
  • This email that had originated externally does not have seemed to cause any everlasting effects
Read More

 
City of Tallahassee Payroll System, Leon County

Breach Type - Hacking, Other

Tallahassee

  • 200 employees weren’t able to receive their paychecks following a hack into city payroll systems
  • Direct deposits were denied as the attack internally caused damage
  • IT is looking into if the attack was truly contained and attempt to reinforce their systems
Read More

 
Florida Keys Community College, Monroe County

Phishing, Data Breach

PR Newswire

  • The college is taking action after being exposed to an email campaign compromising several email accounts
  • Accounts that were exposed were looked into to determine what information was accessed
  • After investigation it was determined that sensitive personal information including social security was exposed
Read More

 
City of Pompano Beach, Broward County

Hacking, Data Breach

Sun Sentinel

  • Hackers accessed database of thousands of customer payment methods
  • Over 3,500 people were exposed after credit card company noted fraudulent charges
  • Tech department is consistently working to fix and patch issues as they arise
Read More

 
Town of Jupiter, Palm Beach County

Breach Type - Ransomware

CBS 12

  • Computer systems were down during malware attack
  • Source of malware reportedly encrypted data, demanding money for return of the files
  • Town of Jupiter did not pay ransom
  • Files restored & affected systems brought back online
Read More

 
City of Green Cove Springs, Clay County

Breach Type - Phishing, Malware

Clay Today Online

  • Phishing emails infiltrated several Clay county computers
  • Green Cove Springs employees opened malicious email attachments containing virus
  • Clicking the link allowed the virus to spread more
Read More

 
Florida Department of Health (Children’s Medical Services)

Breach Type - Phishing, Data Breach

PNJ

  • Data breach potentially compromised information of patients in 4 Florida counties
  • Department of Health employee’s email account compromised by hackers
  • Affected employee’s login credentials reset to terminate any inappropriate access
Read More

 
City of Lake Worth, Palm Beach County

Breach Type - Other, Data Breach

WPTV

  • City customers who payed online utility bills affected in data breach
  • Lake Worth advised those affected to monitor credit card bills for fraudulent charges
  • City vendor has taken steps to further neutralize the breach
Read More

 
City of St. Petersburg, Pinellas County

Breach Type - Other, Data Breach

St. Petersburg

  • Click2Gov informed city of malicious software found on server
  • Payment site immediately shut down to prevent access
  • Click2Gov pages used to accept credit card information had been breached
Read More

 
Reedy Creek Improvement District, Orange Co. & Osceola Co.

Breach Type - Phishing/Other

Orlando Sentinel

  • Disney's government fell victim to email hacking scheme
  • Employee sent approximately $722,000 to faulty vendor
  • Orange County Sheriff reports that only $94,000 left unrecovered
Read More

 
City of Lake Worth, Palm Beach County

Breach Type - Other, Data Breach

My Palm Beach Post

  • Click2Gov vulnerability affected utility customers of City of Lake Worth
  • Data breach hit customers throughout the 2017 year
  • One of longer Click2Gov breaches discovered of many cities hit
Read More

 
The Village of Wellington, Palm Beach Co.

Breach Type - Other/Vulnerability/Cryptojack

WPTV

  • Unauthorized charges on citizens' credit cards lead to discovery of exploited vulnerabilities in Wellington's utility bill pay system
  • Similar vulnerability found in system used by Oxnard, California
  • Village of Wellington notifies potentially compromised residents
Read More
GovTech

  • Hackers originally exploited vulnerability to crypto-mine Bitcoin cryptocurrency
  • Hackers expanded to include sophisticated skimmers to capture credit card numbers
Read More

 
City of Lake Worth Automatic Alert System, Palm Beach County

Breach Type - Phishing, Other

Gizmodo

  • Hackers infiltrated Lake Worth Automatic Alert system & changed alert messages
  • The culprits were responsible for reoccurring attacks since August 2017
  • Alerts went out to citizens were mainly pranks tainted with “zombie” related messages
Read More
My Palm Beach Post

  • FBI and FCC attracted by zombie-hoax hack
  • Hackers gained access to notification alert system via email phishing
  • Lake Worth City email compromised & re-wrote message
Read More

 
Okaloosa County Water & Sewer Department, Okaloosa County

Breach Type - Other, Data Breach

Okaloosa County

  • Several banks alerted the County to unauthorized charges on cards used to pay county water bills
  • Online payment system breached
  • System disabled until further secured
Read More

 
Lee County Tax Collector Email

Breach Type - Hack

Wink News

  • Tax collector's device compromised
  • Account was disabled
  • Spam emails sent out via tax collector's account
  • Office of Lee County has warned others about incident
Read More

 
Florida's Agency for Health Care Administration

Breach Type - Phishing

AP News

  • Employee fell victim to malicious phishing email
  • Hackers potentially accessed private files of over 30,000 Medicaid Recipients
  • Administration has no reason to believe that information is being misused
  • Re-training employees on proper security protocol
Read More

 
City of Ormond Beach, Volusia

Breach Type - Other, Data Breach

Daytona Beach News-Journal

  • City’s online payment system potentially breached
  • Police launched investigation
  • 175 customers saw fraudulent activity on their payment cards
  • Superion web payment vendor notified of the issue
Read More

 
Leon County ISIS Propaganda

Breach Type - Hack

USA Today

  • No valuable data compromised during hack
  • Propaganda, of North Korean Leader and ISIS, displayed on webpage for a few minutes
  • Hack on Leon County may be a random attack
  • Hacked by “Moroccan Islamic Union-Mail” - group that often hacks government website
Read More

 
Hillsborough Co, Pasco Co, Citrus Co, Clay Co, Volusia Co

Breach Type - Phishing

Tampa Bay Times

  • Russian hackers aimed to break into computer systems before the 2016 Presidential Election
  • Five county officials reported they received malicious emails
  • No publicly disclosed evidence shows that the counties were breached
  • Unclear how many counties received malicious emails/were originally targeted
Read More

 
Florida Department of Agriculture and Consumer Services

Breach Type - Hack

WPTV

  • Hackers may have obtained info on 16,000+ concealed weapon owners
  • Data breach originated overseas
  • Of the affected weapon owners, 500 social security numbers were obtained
  • Active investigation into this case
  • Only those renewing permits online were affected
Read More

 
Marion County

Breach Type - Ransomware

Marion County Office

  • County’s IT department claims multiple ransomware attacks launched
  • Each incident, considered isolated attacks, have been handled accordingly
  • Staff to block email attachments
  • IT will simulate phishing attempt training to employees of the count
Read More

 
City of Sarasota

Breach Type - Ransomware

My Suncoast

  • Employee received email with ransomware
  • Data held hostage and systems offline
  • City refused to pay ransom, utilized IT department
  • Recovered most of the lost files
Read More

 
Palm Beach County Department of Health

Breach Type - Hack

Palm Beach Flordia Health

  • Unauthorized access & possible misuse of information caused by hackers
  • All personal/financial information for clients of Palm Beach Co. Health Dep. potentially affected
  • Clients notified and advised to monitor credit information
Read More

 
BACK TO TOP

Medical

Clearway Pain Solutions Institute, Escambia County

Breach Type - Hacking, Data Breach

Data Breaches

  • A third party had accessed the institute’s EMR system leading patients to be notified
  • Following the attack all users have been analyzed with validations to access levels
  • To help prevent any fraud due to patient exposure, people have been offered a membership to protect individuals
Read More

 
AdventHealth Medical Group Pulmonary & Sleep Medicine, Lake County

Breach Type - Hacking, Data Breach

Click Orlando

  • Sensitive patient information may have been exposed
  • A third party had hacked into the system and compromised security
  • Sensitive information regarding social security and more may have been compromised
Read More

 
FABEN Obstetrics and Gynecology, Duval County

Breach Type – Ransomware

Data Breaches

  • The medical clinic was infected with ransomware
  • It was detected quickly but it has not been disclosed how it happened
  • Infected files were deleted even though there were no backups of some files
Read More

 
Family Physicians Group, Orange County

Breach Type - Phishing, Data Breach

Orlando Sentinel

  • Family Physicians Group affected by hacking incident
  • Phishing attack on employee’s email account compromised personal health information
  • 8,400 patients notified of data breach
Read More

 
Cancer Treatment Centers of America, Palm Beach County

Breach Type - Phishing, Data Breach

WFLA

  • Cyber criminals targeted CTCA employees via phishing scheme
  • Personal information of 41,948 patients of Cancer Treatment Centers of America potentially compromised in data breach
  • Medical information and cancer types exposed in breach
Read More

 
Health First, Inc., Brevard County

Breach Type - Phishing, Data Breach

Data Breaches

  • Health First, Inc. notified HHS of a breach that affected 42,000 patients
  • Health First employees fell victim to phishing scam which compromised customer information
  • Though cyber criminals did not appear interested in obtaining personal data – a limited number of emails viewed contained protected health information
Read More

 
Health Management Concepts, Inc., Palm Beach County

Breach Type - Ransomware

Office of Attorney General

  • HMC server compromised with malicious ransomware
  • Ransom paid in attempt to decrypt data
  • Confidential patient data inadvertently provided to hackers
Read More

 
Florida Agency for Persons with Disabilities, Leon Co.

Breach Type - Phishing/Data Breach

APD Cares

  • Malicious phishing email compromised systems of Florida Agency for Persons with Disabilities
  • 1,951 APD patients potentially affected in data breach
  • APD upgraded security systems to further prevent unauthorized access to private information
Read More

 
Florida Hospital Websites

Breach Type - Hack

Orlando Sentinel

  • Malware compromises 3 Florida Hospital websites: FloridaBariatric, FHOrthoInstitute, and FHExecutiveHealth
  • Websites taken offline to repair malicious software
  • Some sensitive patient data potentially at risk
Read More

 
Guardian Pharmacy of Jacksonville, LLC.

Breach Type - Hack

DataBreaches

  • Hacker manipulated an employee email account
  • Obtained unauthorized access to limited patient information
  • A small group of individuals' financial records potentially accessed
Read More

 
St. Mark's Surgical Center

Breach Type - Ransomware

Health Data Management

  • 33,887 individuals potentially affected
  • No indication of improper use of patient's personal data
  • St. Mark's has taken multiple steps to protect data in the future
  • Offering potentially affected individuals identity protection and free credit monitoring
Read More

 
Greenway Health

Breach Type - Ransomware

DataBreaches

  • Greenway Health working with law enforcement & FBI
  • No patient data has been exfiltrated or otherwise misused
  • Incident isolated to Tampa location
Read More
DataBreaches: Updates

  • 400 of Greenway Health client EHR services affected
  • At least half of the systems have been restored
Read More

 
BACK TO TOP

Education

Monroe County School District, Monroe County

Breach Type - Ransomware

Miami Herald

  • Monroe County School District fell victim to ransomware variant known as GandCrab
  • Ransomware encrypted data twice before Monroe fully recovered
  • There was no threat to student data
Read More

 
Florida Virtual School

Breach Type - Hack

Miami Herald

  • More than 350,000 potentially affected associates of Florida Virtual School
  • More than 1,800 Leon County school teachers had had private financial info exposed in attack
  • Florida Virtual School discovered hack 2 years later, offering free identity protection services
Read More

 
Walton School District

Breach Type - Phishing

WJHG

  • Walton School District employees fall victim to spear-phishing scheme
  • District implementing additional safeguard to ensure potentially affected individuals are protected
  • District notified employees, IRS, and local authorities
  • Thirty people potentially impacted by breach
Read More

 
Manatee County School District

Breach Type - Phishing

Bradenton Herald

  • Employees of school district fall victim to spear-phishing scheme
  • Sent W-2 forms of all district employees to hackers
  • District's cyber insurance may help pay for costs of attack
Read More
 
BACK TO TOP