Illinois Cyber Attacks

Infrastructure Affected

Public Safety

Public Safety

Herrin Police Department Website, Williamson County

Breach Type – Unknown, Other: Website Defacement

14 News

  • Bad actors that posted lewd pictures to PD Google Review caused 911 lines to be bogged down
  • Officials stated they would do a better job keeping track of their page
  • Both Google officials and statewide law enforcement agencies were notified of the cyberattack
Read More

City of Harvard Tornado Early Warning System, McHenry County

Breach Type - Hacking, Other

NBC Chicago

  • Following several attacks a McHenry county city plans to remove its siren system
  • After investigation is was revealed that the malfunctions were due to attacks on the system
  • Due to the several false alarms many emergency and non-emergency calls were made clogging up 911 systems
Read More

Will County 911, Police & Fire Services, Will County

Breach Type - Malware

The Herald-News

  • Virus infected Will County computer systems
  • Virus inhibited officers’ & firefighters’ ability to communicate in field with Will County 911 over mobile internet connection
  • Virus did not affect 911 phone system, radio, or CAD system
  • Officers manually filed reports rather than through online methods
  • No sensitive data or EMS reports accessed by hackers
Read More

Marion County Sheriff's Office

Breach Type - Data Breach

X95 Radio

  • Security breach compromised & removed private data
  • Affects those booked into Marion County Jail
  • Sheriff's office implementing additional safeguards to prevent future breaches
Read More

Wood River PD Prevents Major Attack

Breach Type - Ransomware

The Telegraph

  • Hackers phished for vital information to Wood River PD
  • PD officials recognized ransomware and locked department out of computer systems
  • Had redundancy server (backup server) set up to protect information
Read More
Tech Talk

  • No information was accessed during attack
Read More

Roxana PD Falls Victim

Breach Type - Ransomware

Fox 2 Now

  • Chief of Police confirms ransomware infected computer systems
  • FBI asked to aid Roxana PD
  • Chief did not pay ransom
Read More

Suburban Chicago Police Department Pays $500 Ransom

Breach Type - Ransomware


Read More


Local Government

Champaign-Urbana Public Health District’s, Champaign County

Breach Type – Unknown, Ransomware


  • Healthcare officials forced to use alternative means for communication
  • Ransomware cyberattack affected provider's network
  • Email accounts, health records, and patient medical records remained safe
Read More

La Salle County Government Systems, La Salle County

Breach Type - Unknown, Malware


  • County computer systems affected following cyberattack
  • Emergency protocols enacted for offices that were hit
  • Several other facilities remained unimpacted
Read More
LCBC Radio

  • Officials remained unsure about how many computers were hit
  • Courthouse possibly affected by cyberattack, email remained functional
  • Employees were unable to access anything outside stored information
Read More

  • Officials confirmed county was hit in cyberattack
  • Bad actors used ransomware against network
  • Ransom demand to release systems had been made
Read More

City of Belvidere, Boone County

Breach Type – Unknown, Ransomware


  • Ransomware used in cyberattack against city government
  • Email and other services were taken out in the attack
  • Officials stated that no ransom had yet been delivered
Read More

Bureau County Website, Bureau County

Breach Type – Hacking, Other: Website Defacement

News Trib

  • County website hacked by Iranians
  • Attack was breach of zoning area on website
  • Courthouse remained unaffected
Read More

Bartlett Public Library System, Cook, DuPage, & Kane Counties

Breach Type – Unknown, Ransomware

Data Breaches

  • Ransomware cyberattack utilized against public library
  • Personal information was not compromised in the attack
Read More

Macon County Circuit Clerk's Office Website, Macon County

Breach Type – Hacking, Other: Website Defacement

Herald Review

  • This attack specifically targeted the website causing another defacement along a string of related attacks
  • Investigations and imagery on the website point to the hackers being Iranian based
  • Private information was kept on a separate server and therefore unaffected by the recent hack
Read More

City of Chicago Department of Aviation, Cook County

Breach Type - Phishing, Malware

CBS Local

  • After attempting to make payments of more than $1 Million to a vendor it had been noticed that it was a scam
  • A phishing email acting as a vendor had asked to change the bank accounts for payments
  • The money was paid to this spoofed account but had been recovered as the bank placed a hold on the fake account
Read More

Moultrie County Government Systems, Moultrie County

Breach Type - Ransomware


  • Computer issues may be caused by dangerous ransomware
  • Reported issue to Illinois State Board of Elections as a database problem
  • As many as three servers may have been infected
Read More

Crawford County Clerk's Office, Crawford County

Breach Type - Ransomware


  • Crawford County Clerk’s office hit with ransomware
  • Clerk’s office employees completed work manually to stay on task
  • Program and firewall updates to system are needed along with software updates to prevent future attacks
Read More

Perry County Government, Perry County

Breach Type - Ransomware

WJBD Radio

  • Perry County computers shut down by ransomware attack
  • Mayor refused to pay ransom, having backup system in place
  • Wiped system clean & restored all files within 6 hours
Read More

Illinois State Election System

Breach Type - Hack

NBC News

  • Detected malicious activity on network
  • Reported to DHS
  • No voter rolls were accessed/altered
Read More

Cook County Treasurer's Website

Breach Type - Cryptojack/Other


  • Over 4,200 victims hijacked to mine Monero cryptocurrency
  • Secretly hijacked using compromised plug-in called "Browsealoud"
  • Though sites were affected for hours, no user data was affected/compromised
Read More

Batavia City

Breach Type - Data Breach

Chicago Tribune

  • W2 phishing scam targets Batavia
  • Over 240 employees potentially affected
  • Names, social security numbers, addresses, & earnings exposed
Read More

Montgomery County

Breach Type - Hack

The Journal News

  • External malware affects some county government offices
  • 911 operations not affected by malware
  • No breach of county data or loss currently
Read More

Illinois Department of Veterans' Affairs

Breach Type - Hack

Daily Herald

  • Malware virus attack infects agency's network
  • Staff launched security incident response through Department of Innovation & Technology
Read More
My Wabash Valley

  • Malware paralyzed computers for at least six weeks
  • Employees resort to manual activity for daily functions
  • Private data of veterans remained unaffected, not stolen
Read More

Illinois Elections

Breach Type - Hack

Capitol Facts

  • Russian Hackers attack voting software supplier days before presidential election 2016
  • Report does not confirm if hack had any effect on election results
  • Hackers infected U.S. voting software company
  • Sent spear phishing emails to 100+ election officials
  • Illinois election officials confirm intrusion of state’s election system
Read More

Cook County

Breach Type - Ransomware

State Scoop

  • First known government infection of WannaCry in U.S.
  • Barrage of phishing emails
  • No major Cook County operations affected
Read More

Illinois State Board of Elections Officials

Breach Type - Hack

Chicago Tribune

  • Personal information of about 200,000 voters hacked
  • Cyber-attack from foreign origin
  • No files of registered voters were erased or modified
  • No voting history captured, or voter signatures
  • Drivers license numbers and last four digits of Social Security numbers could be compromised
  • Online entered information more likely to be compromised
  • Board took offline outside access to prevent further intrusions
Read More

Downers Grove, DuPage County

Breach Type - Hack

Chicago Tribune

  • Cyber security issues prompt Governor to delete social media accounts
  • Gov. often posted political viewpoints on social media accounts
  • Online presence went dark
Read More

Kankakee County

Breach Type - Ransomware

Daily Journal

  • Ransomware infects computer systems through phishing email
  • County officials decided against paying ransom and would not disclose how much hackers demanded
  • County files were saved on backup server
Read More



Carle Foundation Hospital, Champaign County

Breach Type – Phishing, Data breach


  • Hospitals in Illinois victim of phishing scam
  • Three hospitals suffered breach of data
  • Unspecified number of patients' information affected
Read More

Center for Vitreo-Retinal Diseases, Lake County

Breach Type - Ransomware

Data Breaches

  • Servers impacted by ransomware attack
  • Hackers may have viewed private information of patients
  • 20,300 patients potentially affected in data breach
Read More

Medspring Urgent Care, Cook County

Breach Type - Phishing, Data Breach

Data Breaches

  • Illinois Medspring employee falls victim to phishing scam
  • Some patient personal information contained in email account
  • 13,000+ patients potentially affected
Read More



Illinois Valley Community College, LaSalle County

Breach Type – Unknown, Malware

WCMY 1430 AM

  • Bad actor's using malware hacked college systems
  • Officials believed systems would be restored within 10 days
  • Payroll, student registration, and email remained down
Read More

College of DuPage, DuPage County

Breach Type – Unknown, Data Breach

Info Security

  • Over 1,700 employees were given free credit monitoring
  • Officials did not disclose the nature of the attack
  • Website was taken offline during attack by bad actors
Read More

Crystal Lake Community High School District 155, McHenry County

Breach Type – Unknown, Ransomware


  • School district's computer network affected after cyberattack
  • Bad actors used ransomware to hinder school's network
  • Officials contacted outside IT team to assist with restoration
Read More

Sycamore School District 427, DeKalb County

Breach Type – Unknown, Ransomware

Daily Chronicle

  • School district hit with ransomware cyberattack
  • Visitors to district webpage discovered message indicating attack
  • Unknown number of servers were affected
Read More

Rockford Public Schools, Winnebago County

Breach Type – Unknown, Ransomware

Data Breaches

  • School district had 50-60 of its servers go down in ransomware attack
  • District continued to recover from cyberattack months later
  • Officials described the attack as devastating
Read More

Mount Zion School District, Macon County

Breach Type - Hacking, Ransomware

Herald Review

  • School system lost several weeks of student’s grades
  • Attack was from a brute force foreign attack aimed at the network
  • Data was not removed but instead encrypted and left unusable
Read More

Peoria Notre Dame High School, Peoria County

Breach Type - TDoS/DDoS

PJ Star

  • Cyber attack on Peoria Notre Dame High School draws attention of federal investigators
  • Denial of Service attacks plagued school multiple times in the month of October
  • Attacks posed serious threat to the school and day to day operations
Read More

Hoopeston Area School District, Vermilion County

Breach Type - Hacking, Other


  • Hoopeston Area School District website hacked
  • Pictures & emergency callout messages sent to district families
  • Website has since been secured
Read More

Pekin Community High School

Breach Type - Ransomware

PJ Star

  • Hackers demand $37,000 after encrypting entire school network
  • Pekin Community was unsuspecting, having good security measures in the past
  • Local police and FBI involved in the case, no personal data at risk
  • Pekin refused to pay ransom, mostly restoring system through backups
Read More

Morton School District

Breach Type - Phishing

Central Illinois Proud

  • Morton Police department believe Russian hackers source of phishing scheme
  • Investigating situation in which employees of school district had their W-2 information released
Read More
Tazewell Chronicle

  • Russian Hackers sent fraudulent emails asking for employee W-2 information, cause security breach
  • Posed as District's Superintendent
  • Names and Social Security numbers compromised when employee sent information
Read More