Georgia Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Georgia.jpg
 

Public Safety

Department of Public Safety, State of Georgia

Breach Type – Unknown, Ransomware

WSBTV

  • Georgia Department of Public Safety victim of ransomware attack
  • Investigators conducted forensic analysis of network, shut down servers
  • State Patrol, Capitol Police, others reverted to old system of phone and radio
Read More

 
Blackshear Police Department, Pierce County

Breach Type – Unknown, Malware

WSBTV

  • Blackshear Police Department victim of cyber attack, FBI involved
  • Lawrenceville and Henry County hit with malware during same attack
Read More

 
Lawrenceville Police Department, Gwinnett County

Breach Type - Unknown, Ransomware

11Alive

  • The department had been attacked by a corrupting ransomware that encrypted and blocked access to data on the servers
  • Once it was discovered there were immediate attempts to work on restoring operations and investigating how this event happened
  • Lawrenceville Police were the primary target with the city hall allegedly completely isolated from this incident a
Read More

 
Stone Mountain Park Police, DeKalb County

Breach Type - Unknown, Ransomware

Fox 5 Atlanta

  • A cyber attack has impacted computer systems of Stone Mountain Memorial Association
  • Several computer systems were held for ransom for several days, investigators are working to isolate the attack
  • The public was left unaffected as police officers had to hand write reports as systems are being worked on
Read More

 
Jackson County Government, Jackson Co.

Breach Type - Unknown, Ransomware

Fox 5 Atlanta

  • It was confirmed that a cyber attack occurred in Jackson County on Monday
  • The county was then held for ransom during the attack
  • It is speculated that this may be a repeat attack similar to one that occurred in March 2018
Read More
11 Alive

  • Jackson County authorities stated that the attack has affected several systems within the county
  • Within the Jackson County Sheriff’s office the attack was tied to internal departments and is widespread to other agencies
Read More
Online Athens

  • Jackson County paid about $400,000 this week following attack on systems
  • Officials justified paying ransom stating an equal amount was spent attempting to fix systems
  • Systems were plagued by Ryuk Ransomware
Read More

 
Bibb County Sheriff’s Office & Macon-Bibb County Websites

Breach Type - Hacking

13 WMAZ

  • Sheriff's website defaced with message from Turkish hacktivists
  • Several departments shared the same hacked screen
  • Websites were restored and are being investigated
  • Passwords were changed in order to fight back
Read More

 
Coweta County & Coweta County Public Safety Systems

Breach Type - Ransomware

Times-Herald

  • County’s computer systems affected by ransomware
  • Majority of Coweta information technology servers compromised by attack
  • Local public safety systems utilize backup systems, radio-only communications, and manual record keeping systems
Read More

 
City of Atlanta & Atlanta PD

Breach Type - Ransomware

11 Alive

  • Samsam ransomware takes down city web applications & some phone lines
  • Police claim that they are unaffected but filing reports manually out of abundance of caution
  • Police still taking calls
Read More
CBS 46

  • Atlanta Police Department files wiped
  • Files contained sensitive case info
  • Remains unclear if files can be recovered
  • Police continue manual work for certain tasks
Read More

 
City of Savannah & Savannah-Chatham Metropolitan PD

Breach Type - Ransomware

Savannah Now

  • Malware attack, caused by email phishing scheme, hits Savannah
  • City officials said malware had not impacted 911 center’s ability to receive/answer dispatch calls
  • Virus affected system for 5 days – officials claim attack did not compromise city data or damage network
Read More
WJCL

  • Savannah-Chatham Metropolitan Police Department impacted by malware attack
  • Hack originally hit the City of Savannah in February
  • Police Department has trouble accessing records
  • Department admits three areas of serious deficiency remain
Read More
WALB News 10

  • Virus identified as ransomware
  • City of Savannah paid ransom to restore data & retrieve function of hardware
Read More

 
Troup County Computer Systems Hacked

Breach Type - Ransomware

LaGrange News

  • Hack affected all county computer systems, including Troup County Sheriff’s Office
  • Deputies resorting to “old school” documentation
Read More
WRBL

  • Hackers from Eastern Europe demanded ransom of 24 Bitcoins
  • Sheriff’s office did not pay ransom
Read More

 
BACK TO TOP

Local Government

City of Cornelia, Habersham County

Breach Type – Hacking, Other

Access WDUN

  • City of Cornelia attacked with ransomware, affected billing system
  • Attack delayed water bills, but account information uncompromised
  • Firewall utilized by city billing department was outdated and not updated
Read More

 
Henry Country Government Systems, Henry County

Breach Type - Unknown, Malware

11Alive

  • Henry county is now another name on the growing list of cyber attack based victims
  • Detection of the attack began after several technical difficulties were encountered during normal operations
  • The FBI were contacted in hopes to prevent and stop any further continuation or repeat attacks of this nature
Read More

 
Georgia Emergency Management and Homeland Security Agency, State of Georgia

Breach Type - Unknown, Malware

WPTV

  • Malware found on GEMA/HS computer system during routine cybersecurity screening
  • Security software isolated and prevented malware activation, but precautionary steps are still being taken
  • Received assistance from state agency partners to provide any needed public notifications and services during an emergency
  • Cybersecurity insurance will be used to pay 3rd party vendor for confirmation of malware removal
Read More

 
City of Griffin Finance Department, Spalding County

Breach Type - Phishing, Other

Bleeping Computer

  • Business Email Compromise (BEC) attack allowed scammers to steal over $800,000
  • Finance was tricked by phishing emails to redirect payments from a legitimate vendor account to an account owned by the attacker
  • Money was lost in two transactions, but SunTrust believes they can recover the money
Read More

 
Administrative Office of the Courts, State of Georgia

Breach Type - Unknown, Ransomware

11 Alive

  • Due to contaminated systems, the state had resorted to shutting off their networks to prevent further infection
  • The virus did not impact all systems, but the state still made sure to quarantine their systems to prevent any potential spread
  • It was not released how much ransom was requested nor how the virus came to infect the systems in the first place
Read More

 
City of Cartersville, Bartow County

Breach Type - Hacking, Other

MDJOnline

  • Cartersville’s government had fallen prey to cyber attacks and was unable to accept online payments
  • Systems are now operational however it was still unknown if it has been fully contained and no areas left impacted
  • Bills and electronic payments can now be made on a single payment due to the affected systems
Read More

 
City of Morrow Website, Clayton County

Breach Type - Hacking, Other

11Alive

  • Hacker group infiltrated City of Morrow website
  • Altered homepage with Turkish and Palestinian propaganda & anti-Israel messages written in Turkish
  • City of Morrow officials secured website & reverted it back to its original state
  • Backups and scans of all systems performed, no malicious activity found
Read More

 
City of Winder, Barrow County

Breach Type - Ransomware

Barrow Journal

  • Ransomware attack impacted City's computer & email servers
  • Point of entry unknown
  • U.S. Secret Service investigating source of virus
  • $320,000 ransom demanded by hackers
Read More

 
City of Augusta

Breach Type - Hack

Augusta Chronicle

  • List of city employee emails accounts and passwords sent to local news source by bad actor
  • The employee data breach believed to be hacktivist attack against new Senate Bill 315
  • City of Augusta working to identify validity of information at risk
  • Investigation ongoing and rigorous to protect employee data
Read More

 
Dawson County

Breach Type - Ransomware

Gainesville Times

  • IT department investigates servers after tax assessor's office could not save files
  • Discovered Dawson county computer servers infected with aggressive ransomware
  • County’s exchange server, as well as phone and internet services, were affected
  • IT working to isolate the affected server
Read More

 
City of Logansville, Gwinnett County

Breach Type - Other

WSB-TV

  • Gwinnett county notifies public of breach
  • Breach possibly affects personal information of county residents
  • All city services still accessible
Read More

 
City of Hinesville

Breach Type - Ransomware

Fox 28

  • IT outage shows true colors as ransomware attack
  • Email and telephone systems impacted
  • No personal information compromised during attack
  • Email restored & city working on preventative measures for future incidents
Read More

 
Georgia Department of Agriculture

Breach Type - Ransomware

My Atlanta Journal Constitution

  • Malware brought down agency's websites – seeking to extort ransom
  • Department remained offline throughout attack
  • No intention to pay ransom
  • No indication private information at risk
Read More

 
BACK TO TOP

Medical

Navicent Health, Bibb County

Breach Type - Phishing, Data Breach

The Telegraph

  • This health-care provider fell victim to an attack focused on the email systems
  • Personal information of several patients has been deemed likely compromised
  • The hospital has worked with several different firms in an attempt to scope the scale of the attack
Read More

 
EyeSouth Partners, Fulton County

Breach Type - Phishing, Data Breach

Data Breaches

  • Hacker had gained access to an employee’s account
  • Some patient’s information may have been exposed
  • EyeSouth is notifying potential victims of this incident and providing credit monitoring services
Read More

 
Mind & Motion, Gwinnett County

Breach Type - Ransomware

Data Breaches

  • Server attacked with ransomware
  • Patient personal information potentially compromised
  • All office account passwords changed with rigorous security measures taken to prevent future attacks
Read More

 
Georgia Spine & Orthopaedics of Atlanta, Fulton County

Breach Type - Phishing, Data Breach

Data Breaches

  • Phishing scam compromised Georgia Spine & Orthopaedic employee email account
  • Hackers potentially obtained private information of patients
  • A small number of Social Security numbers may be compromised
Read More

 
Augusta University Health, Richmond Co.

Breach Type - Phishing, Data Breach

ajc

  • Employee email breach exposed sensitive and private data
  • 417,000 patients, students, & employees potentially affected
  • Augusta University Health worked to disable affected email accounts
Read More

 
RiverMend Health

Breach Type - Hack

Data Breaches

  • 1,300 patient's data contained in employee's email account
  • Account compromised & manipulated to send suspicious emails
  • RiverMend found no evidence suggesting patient data was targeted
Read More

 
Peachtree Neurological Clinic

Breach Type - Ransomware

Peachtree Neurological Clinic

  • Electronic medical records held captive by hackers
  • Peachtree did not pay ransom, recovered files through backups
  • Investigation shows no data exfiltrated through system
  • Situation did not impair ability of Peachtree to care for its patients
Read More

 
Peachtree Neurological Clinic

Breach Type - Data Breach

Beckers Hospital Review

  • While investigating a separate ransomware attack: Peachtree discovered 15-month breach
  • Breach took place between Feb. 2016 & May 2017
  • Not able to confirm if patient data has been misused
  • Notified all potentially affected individuals
Read More

 
GA Vascular Surgical Associates

Breach Type - Hack

Data Breaches

  • Computer server hacked through compromised vendor password
  • Allowed hackers access to server for several months
  • Remains unclear if patients' personal data was misused
  • Secured server to ensure that this type of attack no longer continues
  • Notified FBI and Department of Health and Human Services Office for Civil Rights
  • Letters sent to potentially affected individuals
Read More

 
Alpharetta Dentist's Office

Breach Type - Ransomware

WSBTV

  • Employee opens spam email leading to ransomware virus
  • All patients' data stored in off-site cloud server remaining unaffected by hackers
  • Officials believe attack was random
Read More

 
BACK TO TOP

Education

Thomas County School District, Thomas County

Breach Type - Hacking, Other

Data Breaches

  • The School district was made aware of a breach within their online banking systems
  • Hackers targeted the school district gaining access to employee banking information
  • No money was stolen due to safety protocols set in place within the bank
Read More

 
Atlanta Public Schools

Breach Type - Phishing

AJC

  • Cyber thieves steal paychecks from 27 employees
  • Targeted payroll funds – taking $56, 459
  • Hackers changed direct deposit information of 7 more employees
  • District may not recover stolen money unless state investigators apprehend the hackers
Read More

 
Georgia Tech

Breach Type - Ransomware

Georgia Tech News

  • Employee conducted research on website which contained malicious ransomware
  • Ransomware spread to Georgia Tech's network, allowing access to past & present employee data
  • Georgia Tech Cyber Security secured network and impacted systems
  • Human Resources notified potentially affected individuals of incident
Read More

 
Augusta University

Breach Type - Phishing

WFXG

  • Phishing scheme hits employees containing personal health information of patients
  • Less than one percent of patients affected by the breach
  • Augusta University notified potentially affected patients
Read More

 
Georgia Tech

Breach Type - Phishing/Ransomware

Georgia Tech News Center

  • Phishing emails circulated through Georgia Tech Community
  • Emails contained malicious attachment distributing ransomware
  • Those who open attachment advised to shut off infected devices and contact TSO help desk
Read More


 
BACK TO TOP