Massachusetts Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Massachusetts.jpg
 

Public Safety

Town of Tisbury, Town of Tisbury Police Department Dukes County

Breach Type - Phishing, Malware

Vineyard Gazette

  • Employee opened malicious phishing email, convinced the was sent by a regular town vendor
  • The email launched malware which crippled Tisbury email and internet services
  • Affected departments include the library, the council on aging, and the police department
  • Computer access was disabled for at least 24 hours & the town will implement cyber monitoring for the time being
Read More

 
Dighton PD Locked Out of Computer Systems

Breach Type - Ransomware

Turn to 10

  • Ransom more than $4,600
  • Hackers from Russia, threaten to wipe entire computer system
  • Dighton pays ransom
  • Chief of Police paid out of pocket, Dighton Town reimburses later
Read More

 
Hit on Melrose PD

Breach Type - Ransomware

Wicked Local

  • Email transfers virus to detective
  • Most data backed up, except vital data on detective’s laptop
  • PD pays ransom in bitcoin to recover data
  • Payment of $489 made to hackers
Read More

 
Tewksberry PD Pays Ransom

Breach Type - Ransomware

News BTC


Read More

 
BACK TO TOP

Local Government

City of Lynn Online Parking Ticket Payment System, Essex County

Breach Type - Ransomware

WZLX

  • Previously a virus had rendered Lynn School’s internet systems offline, now the City’s parking ticket payment system has fallen prey
  • City being forced to resort to paper records for payments over several weeks due to attack that originated in India
  • The FBI has been contacted, it seems that no sensitive information had been taken and that computers have remained safe
Read More

 
Committee for Public Counsel Services, Suffolk County

Breach Type - Phishing, Ransomware

Boston Globe

  • CPCS attacked by ransomware, e-mail systems and attorney payments disabled, hearings delayed
  • Agency refused to pay ransom, opted to restore system from backup files
  • Ransomware program known as Ryuk appeared to originate in Russia
  • Agency believes ransomware was installed using trojan virus programs via link, file, or e-mail
  • IT team confident in restoration of data once trojan viruses were eliminated
Read More
CrowdFundInsider

  • Massachusetts Committee for Public Counsel Services victim of Ryuk ransomware
  • Organization had external backups of affected files, believed virus did not extract data
  • Infected link in phishing e-mail determined to be likely culprit
Read More

 
City of Quincy, Norfolk County

Breach Type - Phishing, Malware

The Patriot Ledger

  • Hackers compromise official City of Quincy email accounts via phishing scheme
  • Malicious emails contained Emotet or Trickbot malwares which quickly infected all city departments
  • The compromised accounts were used to spread viruses to those in contact with city officials
Read More

 
Town of Marblehead, Essex County

Breach Type - Phishing, Ransomware

Marblehead WickedLocal

  • Town Finance Director sought cyber assessment after malware attacks
  • Ransomware struck Town via phishing email
  • IT restored files & systems
Read More

 
Massachusetts Clean Energy Center, Suffolk County

Breach Type - Phishing

Boston Herald

  • Cyber scammer steals $93,679 in public funds through phishing scheme
  • Recovered a fraction of the funds stolen, but scheme was unreported for 8 months
  • The Massachusetts Clean Energy Center did not consider cyber threats in its risk assessment
Read More

 
Cambridge Housing Authority, City of Cambridge

Breach Type - Phishing

Cambridge Day

  • Authority loses $7,000 to BEC scam
  • Phishing attack causes loss, but housing authority isn't alone in fight against cybercrime
  • City uses a protective program to help lessen the load of phishing schemes coming through each day
Read More

 
Holyoke City

Breach Type - Phishing

Massachusetts Live

  • City treasurer falls victim to Business Email Compromise (BEC) scam
  • Scammed out of roughly $10,000
  • Treasurer realized cyber attack and contacted Holyoke Police Department
  • Treasurer has cooperated with investigation
Read More

 
Websites: Town of Westford, City of Framingham, Town of Andover, Belmont

Breach Type - Cryptojack/Other

WCCF Tech

  • Over 4,200 victims hijacked to mine Monero cryptocurrency
  • Secretly hijacked using compromised plug-in called "Browsealoud"
  • Though sites were affected for hours, no user data was affected/compromised
Read More

 
Brookline Town

Breach Type - Hack

Boston Herald

  • Business Email Compromise scam almost empties Brookline's funds from treasury
  • Town treasurer recognized the scam and reported to the town's IT department
Read More
Wicked Local

  • Brookline police detectives investigating case
  • Town has taken several preventative measures to ensure future cyber safety
Read More

 
Medfield Norfolk County

Breach Type - Ransomware

Boston.com

  • Paid $300 to hackers to unlock town computer systems
  • Town made attempts to restore files, virus infected backup server
  • Some sensitive files were not compromised, due to not being held on the town serve
  • Paid ransom as most expedient way to resolve
  • IT dept. taking steps to better their cyber security
Read More

 
BACK TO TOP

Medical

ResiDex Software, Suffolk County

Breach Type - Unknown, Ransomware

PR Newswire

  • ResiDex was made aware when servers were interrupted and rendered offline
  • Backups were utilized as systems were restored nearly the same day causing almost seamless response
  • Investigations were started in an attempt to see who was exposed due to how these events took place
Read More

 
Baystate Health of Springfield, Hampden County

Breach Type - Phishing, Data Breach

Kansas City

  • Almost 12,000 patients were exposed following a data breach style attack
  • A phishing incident caused the exposure when affecting the accounts of several employees
  • Patient’s sensitive information included birth dates, health information, social security and more
Read More

 
Cambridge Health Alliance

Breach Type - Hack

Boston Globe

  • Breach results in financial information of 2,500 patients exposed to hackers
  • No medical records included in the breach
  • Cambridge Health notified patients two months after attack
  • No current evidence has surfaced of hackers misusing this data
Read More

 
Partners Healthcare

Breach Type - Hack

Partners

  • Partners monitoring systems identified suspicious malware activity
  • Implemented aggressive mitigation to contain malware
  • One server with personal data may have been affected
  • Partners notified patients out of abundance of caution – believing no data was misused
Read More

 
Massachusetts General Hospital Dental Group

Breach Type - Hack

Data Breaches

  • FTP server leak (Patterson Dental Supply Inc.) also affected MGHDP
  • Patterson launched law-enforcement led investigation
  • Personal data of patients may have been compromised
Read More

 
Eaglesoft Software by Patterson Dental

Breach Type - Accidental Data Breach

Data Breaches

  • Patterson Dental patient databases unsecured on FTP Server
  • Massachusetts General Hospital Dental Group included in unsecured server
  • The FTP server was later taken offline
Read More

 
Brigham and Women's Faulkner Hospital

Breach Type - Hack

Data Breaches

  • Hackers used employee's credentials to access email account
  • Limited number of individuals affected
  • Emails did not contain health insurance numbers or financial information
  • Notified potentially affected individuals
  • No information on how hacker obtained credentials
Read More

 
BACK TO TOP

Education

Lynn Public Schools, Essex County

Breach Type - Unknown, Malware

Item Live

  • A large computer virus caused Lynn schools to be without internet
  • In order to isolate the threat, Lynn schools shut down their internet systems and connections
  • It is unknown where the virus started and when it started
Read More

 
Cape Cod Community College, Barnstable County

Breach Type - Phishing, Malware

Cape Cod Times

  • Phishing email believed to have distributed polymorphic virus to Cape Cod Community College
  • Virus was embedded in malicious attachment
  • The malware targeted the college’s financial transactions, overwriting URL address for the college’s bank
  • Hackers transferred nine fraudulent funds – totaling $807,130 from the college
Read More

 
Leominster School District

Breach Type - Ransomware

Sentinel & Enterprise

  • Files encrypted in ransomware attack and School District analyzed data at risk
  • No private information was accessed by hackers
  • In attempts to regain its network, Leominster paid $10,000 ransom to its cyber extortionists
  • Email system had been down for two weeks
Read More

 
Dracut Public Schools

Breach Type - Phishing

Lowell Sun

  • Employee personal data exposed in advanced phishing scheme
  • No student or parent information compromised in attack
  • FBI and law enforcement launched investigation
Read More

 
Lawrence Public Schools

Breach Type - Phishing

Boston Globe

  • Unspecified number of employees fell for phishing scheme
  • Breach may have exposed personal information of employees
  • No bank account information compromised
  • Superintendent notified personnel
Read More

 

BACK TO TOP