North Carolina Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
North Carolina.jpg
 

Public Safety

Rocky Mount Police & City of Rocky Mount Computer Systems, Edgecombe & Nash Counties

Breach Type – Unknown, Ransomware

The Enterprise

  • Police and city network were hit in ransomware cyberattack
  • Officials stated that third party IT personnel had investigated
  • Electronic and telephone payment systems remained down
Read More
WRAL

  • Officials remained uncertain about when services would be restored
  • Investigators believed that personal information remained intact
  • Law enforcement and other emergency services remained unimpacted
Read More
The Enterprise

  • Ransomware cyberattack affected almost all aspects of city business
  • Law enforcement investigation files remained unavailable
  • Police officers forced to write handwritten reports
Read More

 
City of Durham & Durham County Government, Durham County

Breach Type - Unknown, Ransomware

WRAL

  • A ransom note had been sent via email stating that Russian hackers had accessed the city's systems
  • IT is working to bring systems back online following the spread of the phishing related virus
  • The city's website remains online and accessible to the public for normal utility payments
Read More
News Observer

  • The city announced the attack to the public two days after the attack occurred
  • So far the origin of the attack is unknown and is being investigated by the city
  • Critical systems such as the 911 call center remain online as other systems of the city are offline and are projected to return in the following days
Read More

 
Lincoln County 911 Communications Center, Lincoln County

Breach Type – Unknown, Ransomware

CBS Local

  • This was the second wave of cyber attacks targeting the communications center, this time accessing separate servers
  • No ransom requests seem to be made and no contact had been made with the hackers
  • In order for dispatch to successfully operate, all communications and 9-1-1 calls are being taken over radio
Read More

 
Lincoln County Sheriff’s Office, Lincoln County

Breach Type – Unknown, Ransomware

Charlotte Observer

  • Lincoln County Sheriff's Office hit with ransomware attack, crippled network
  • Investigators stated hackers destroyed system backups and encrypted main server
  • FBI investigated attack, IT workers attempted to access encrypted information
Read More
WSOC TV

  • Lincoln County Sheriff's Office given ransom demands by hacker
  • Sheriff's Office IT department stated they would rebuild servers from scratch
  • Officials believed negligence caused attack, security measures not in place
Read More

 
Greenville Police Department & City of Greenville, Pitt County

Breach Type - Unknown, Ransomware

Reflector

  • A virus caused the city to shut down several systems in an attempt to prevent it spreading
  • It was first noticed by a member of the Greenville Police Department
  • Many servers have been shut down for a while of the foreseeable future
Read More
Bleeping Computer

  • The virus was discovered to be a ransomware called RobinHood
  • There are several snapshots of how the ransomware looks and what the messages were
  • Ransomware states that it values the victim’s privacy and will “not” disclose private information of those who have paid
Read More

 
Orange County Sheriff’s Office & Orange County Government, Orange County

Breach Type - Unknown, Ransomware

Herald Sun

  • Orange County network attacked by ransomware virus, caused numerous issues at several agencies, including Sheriff's Office
  • Officials were uncertain when services would be restored, but were slowly understanding the attack
  • Officials believe that none of the personal data stored on the system was compromised or stolen
Read More

 
Pasquotank-Camden Emergency Medical Services, Pasquotank County

Breach Type - Hacking, Data Breach

Beckers Hospital Review

  • Pasquotank-Camden Emergency Medical Services hacked, possibly affected over 20,000 individuals
  • Local police and federal law enforcement discovered foreign entity hacked system
  • Leaked information includes SS numbers, DOB information, and medical information
Read More

 
Town of Clayton Fire Department; Johnston County

Breach Type - Phishing, Other

ABC 11

  • Hackers are using police, fire chief’s emails to try and steal information
  • Official email address of Clayton’s Fire Chief Lee Barbee compromised in cyber attack
  • Fraudulent emails containing malicious attachments sent to Barbee’s contacts
Read More

 
Burlington Police Department; Alamance County, Guilford County

Breach Type - Phishing, Other

WF My News 2

  • City of Burlington sent out an alert detailing attempted cyber attack on the City
  • Hackers compromised Police Captain, Mark Rascoe’s email
  • City of Burlington warned, those at risk, against opening malicious emails from that address
Read More

 
Davidson County

Breach Type - Ransomware

The Dispatch

  • SamSam ransomware shuts down county business
  • 911 director notified county that there was suspicious activity within its server
  • Shut down 70 servers & all phones
  • Hackers ask for $23,000 ransom
  • County has proper backups in place
Read More

 
Mecklenburg County & later Mecklenburg Sheriff’s Office

Breach Type - Ransomware

Fox 46

  • Hackers freeze servers, county officials could not access information
  • Malware discovered on 30 servers
  • Demand ransom of $23,000
  • Employee clicked infected email link
Read More
Washington Post

  • Problems do not affect emergency calls
  • Calls handled by the city of Charlotte
  • Checking in arrestees by hand
  • Website having issues updating info on jail inmates
Read More
Charlotte Observer

  • After refusing to pay ransom, Mecklenburg discovers 2nd hacking strike
  • IT staff discovered more attempts to compromise info
  • LockCrypt (from Iran or Ukraine) new strain of ransomware
  • Limiting use of email/email attachments
  • Conducting business via phone or in perso
Read More
Daily Mail

  • Hackers failed 2nd hacking attempt
Read More

 
BACK TO TOP

Local Government

Person County Government, Person County

Breach Type – Unknown, Ransomware

Person County

  • Ransomware used in cyberattack against county government
  • IT personnel quickly assessed damage and enacted safety protocols
  • Officials refused to comment on any specifics related to the attack
Read More

 
City of Shelby, Cleveland County

Breach Type – Unknown, Malware

Shelby Star

  • City left recovering after cyberattack
  • Officials investigated impact attack had on systems
  • Personal information was believed to be secure
Read More

 
Guilford County Government Systems, Guilford County

Breach Type - Hacking, Other

Rhino Times

  • North Carolina county government victim of cyberattack
  • Officials did not reveal full extent of attack
  • Ransomware was likely culprit, bad actors were identified
Read More

 
Putnam County Website, Putnam County

Breach Type - Hacking, Other: Website Defacement

Putnam Sentinel

  • Bad actors defaced county website
  • System remained unaffected
  • Cyberattack caused minimal damage
Read More

 
City of Mount Airy, Surry County

Breach Type - Hacking, Other

Mount Airy News

  • Credit card information stolen by bad actors from city database
  • City used Click2Gov vendor for online transactions
  • Officials claimed city had never been victim of cyberattack before
Read More

 
Duplin County Government Systems, Duplin County

Breach Type – Unknown, Malware

WITN

  • Computer system was taken offline after malware cyberattack
  • Officials confirmed that emergency services remained unaffected
  • No ransom was demanded despite other services taken out
Read More
WITN

  • County computers wiped in ransomware cyberattack
  • Officials forced to pay $5,000 to insurance
  • Stronger, more stringent security was put into place
Read More

 
Isle of Palms City, Charleston County

Breach Type – Unknown, Malware

WCBD News 2

  • Isle of Palms City hit with malware attack
  • IT department isolated intrusion to prevent further damage
  • Officials advised bad actors targeted local government
Read More

 
North Carolina State Bar, State

Breach Type – Unknown, Ransomware

WRAL

  • State Bar for North Carolina hit with ransomware cyberattack
  • System required restoration and repair from backup data
  • IT team was able to stop spread of virus, officials state no ransom paid
Read More

 
Cabarrus County

Breach Type – Phishing, Other

Naked Security

  • Cabarrus County victim of phishing cyberattack, paid bad actor over $2.5 million
  • Attackers scammed county officials into believing they were a legitimate contractor
  • Bank was able to freeze over $500,000 of the funds that remained
Read More

 
Imperial Health, Calcasieu Parish

Breach Type – Unknown, Ransomware

HIPAA Journal

  • Cabarrus County, North Carolina victim of cyber scam, lost $2.5 million
  • Bad actors posed as previously used contractor via e-mail
  • Bank was able to freeze over $776k of remaining traceable amount, rest lost
Read More

 
City of Concord Website, Cabarrus County

Breach Type – Hacking, Other: Website Defacement

Independent Tribune

  • City website defaced with inappropriate language, officials offered apologies
  • Cyber attack was reversed and website restored by Data Services team
  • Lapse in security update caused vulnerability in the website, since been updated
Read More

 
Anson County Government Website, Anson County

Breach Type – Hacking, Other: Website Defacement

WSOCTV

  • Anson County government and city of Concord website victim of cyber attack
  • Homepages on both sites replaced by hacker images, included lewd gestures
  • Officials stated that no data had been compromised, websites returned to normal
Read More

 
Randolph County Website, Randolph County

Breach Type – Hacking, Other: Website Defacement

SpectrumLocalNews

  • Randolph County website hacked by international group
  • IT department advised that only website's main page was hacked
  • Vulgar phrasing placed on page has since been removed
Read More

 
Town of Maxton, Robeson & Scotland Counties

Breach Type - Unknown, Malware

Laurin Burg Exchange

  • Maxton Board of Commissioners discovered theft of $30,000 from its bank account
  • Theft was result of cyber attack involving malware from exterior bad actor
  • Investigation being conducted by police department, insurance was able to cover half of funds missing
Read More
Robesonian

  • Maxton city officials briefed on details from malware attack that stole $30,000
  • Three additional banks in other towns were also victims of the same attack
  • Bank officials cooperating with investigation, remorseful of the situation
Read More

 
Onslow County Water and Sewer Authority, Onslow County

Breach Type - Ransomware

WNCT

  • Water and Sewer Authority experienced persistent virus attacks from Emotet malware
  • The malware launched sophisticated ransomware variant, known as Ryuk, which quickly encrypted databases and files
  • The authority is coordinating with the FBI, DHS, state of North Carolina, and several technology security companies in response to attack
Read More

 
Town of Kill Devil Hills, Dare County

Breach Type - Other

The Outer Banks Voice

  • Undisclosed failure caused problems at Town of Kill Devil Hills
  • Computers & telephones affected
  • Technical support staff diligently worked to correct situation
  • Emergency calls not affected during outage
Read More

 
Pasquotank County

Breach Type - Ransomware

Daily Advance

  • Five Pasquotank County servers encrypted by ransomware
  • Ransomware variant identified as "Amnesia/Scarab" virus
  • Hackers demanded $2,500 ransom
  • County does not intend to pay for decryption keys
Read More

 
Catawba County

Breach Type - Hack

WBTV

  • Letters notifying more than 9,000 employees
  • Officials discovered employee personal information may have been compromised
  • County's health insurance information in human resources may have been affected
  • Hack affected human resources & payroll system
Read More

 
NC State Elections Website

Breach Type - Hack

The News & Observer

  • Part of Islamic Union test hacks of government websites
  • Team System Dz claims responsibility
  • NC one of 76 websites impacted in this string of ISIS Propaganda
Read More

 
NC Counties Russian Election Hacking

Breach Type - Hack

WNCT

  • Hackers attempted to compromise electronic records in 21 north carolina counties
  • Ashe, Cabarrus, Cleveland, Craven, Cumberland, Durham, Edgecombe, Franklin, Gaston, Gates, Granville, Halifax, Hyde, Johnson, Mecklenburg, Nash, Rowan, Sampson, Vance, Warren, Wilson
  • Software produced by VR systems was target of hackers
  • Software does not play any role in ballot marking or vote tabulation
Read More

 
City of Durham

Breach Type - Ransomware

WNCN

  • Hacked at least three times
  • Hackers could not access sensitive data
  • Reset computers and used data from backups
Read More

 
Raleigh, Wake County

Breach Type - Hack

The Hill

  • “Anonymous” Hackers attempt to take down North Carolina gov websites
  • Websites were inaccessible
  • Political protest in opposition to bathroom sex assignment laws
Read More

 
Durham, Wake County

Breach Type - Ransomware

WRAL

  • Computers corrupted one by one
  • City of Durham did not pay ransom
  • Data kept on backup servers
Read More

 
BACK TO TOP

Medical

Atrium Health, Mecklenburg County

Breach Type – Unknown, Data Breach

WBTV

  • Some minimal information was possible exposed following Blackbaud breach
  • The health center is continuing constant conversations with Blackbaud to understand the event in its entirety
  • Atrium stated that only information regarding any donors were affected
Read More

 
Randleman Eye Center, Randolph County

Breach Type – Unknown, Malware

Data Breaches

  • Bad actor utilized malware in cyberattack against health center
  • Names, dates of birth, and gender among leaked information
  • Patients were advised to contact law enforcement with suspicions
Read More

 
Mission Health, Buncombe County

Breach Type – Hacking, Data Breach

The Kansas City Star

  • Bancombe County health services provider victim of hacking data breach
  • Officials forced to contact undisclosed number of patients
  • Names, addresses, and payment card information likely compromised
Read More

 
Catawba Valley Medical Center, Catawba County

Breach Type - Phishing, Data Breach

WCNC

  • Cyber Attack impacted 20,00 patients and sensitive information
  • Employee opened a phishing email attached to a larger scam
  • Three separate employee accounts were compromised
Read More

 
Atrium Health

Breach Type - Hacking, Data Breach

Herald Courier

  • Hack on Atrium’s billing vendor could compromise information of over 2.5M patients
  • Information was accessed not downloaded
  • Medical records were not compromised
Read More

 
Catawba Valley Medical Center, Catawba County

Breach Type - Phishing, Data Breach

Data Breaches

  • Hackers accessed three Catawba Valley Medical Center employees’ email accounts
  • CVMC launched investigation
  • Private patient data potentially exposed to hackers
Read More

 
Wake Forest Baptist Health - Wilkes Medical Center, Wilkes County

Breach Type - Malware

Spam Fighter

  • Computer work stations at Wake Forest Baptist Health compromised by virus
  • Employees following downtime procedures for the disruption
  • Patient data not stored locally – private data not compromised
Read More

 
Diagnostic Radiology & Imaging, LLC.

Breach Type - Phishing

Data Breaches

  • Phishing attack leaves private patient data exposed to hackers
  • 800 patients potentially compromised
  • No financial information was accessed
Read More

 
Coastal Cape Fear Eye Associates

Breach Type - Ransomware

Data Breaches

  • Hacking incident compromised data of 925 patients
  • Private patient data was not exfiltrated from the system
  • Data was accessed by hackers
  • Coastal notified patients and is offering guidance moving forward
Read More

 
Allscripts' E.H.R. Services

Breach Type - Ransomware

Becker's Hospital Review

  • Ransomware attack impacts limited number of Allscripts' applications
  • The affected applications hosted in data centers located in Raleigh and Charlotte, N.C.
  • Multiple systems unavailable including electronic prescribing of controlled substances, regulatory reporting, clinical decision support, & more
  • Those concerned are encouraged to reach out to Allscripts Support
Read More

 
First Health

Breach Type - Ransomware

The Pilot

  • Malware disrupted several First Health facilities in North & South Carolina
  • Virus started on non-clinical device and infected clinical devices via the same network
  • 4,000 devices to check and more than 100 physical locations potentially infected
  • Deployed an anti-virus patch to be used on all systems
  • No evidence of data breach has surfaced
Read More
Healthcare IT News

  • Ransomware variant identified as WannaCry
  • Devices remain offline out of abundance of caution
  • Delays and patient appointment cancellations experienced, excluding those in need of critical care
Read More

 
BACK TO TOP

Education

Haywood County School District, Haywood County

Breach Type – Unknown, Ransomware

ABC 13 News

  • School district computers were taken out in cyberattack
  • Officials closed the school for several days in response
  • Superintendent remained confidant of district's computer backups
Read More

 
The University of North Carolina Wilmington, New Hanover County

Breach Type – Unknown, Data Breach

Port City Daily

  • Bad actors gained access to data about past and potential donors
  • Information accessed was potentially sensitive
  • The University does not think the information has been used in a malicious manner
Read More

 
Surry County Schools, Surry County

Breach Type – Unknown, Ransomware

The Mount Airy News

  • County school district was victim of ransomware cyberattack
  • IT personnel mobilized quickly and mitigated further damage
  • Cybersecurity professionals and law enforcement assisted in the investigation
Read More

 
Randolph Community College, Randolph County

Breach Type – Unknown, Ransomware

Your Daily Journal

  • College's entire computer network and other devices were compromised following cyberattack
  • Bad actors utilized ransomware, demanded college pay ransom to retrieve locked data
  • In total, 1,200 devices were affected during the two week attack
Read More

 
Columbus County Schools, Columbus County

Breach Type – Unknown, Malware

WWAY 3

  • County school district was victim of cyberattack
  • Telephones and internet were downed
  • Officials sought outside help to assist in repairs
Read More

 
Mitchell County Public Schools, Mitchell County

Breach Type - Unknown, Ransomware

Mitchell News-Journal

  • IT personnel were forced to assess damage, utilize safeguards following cyberattack
  • Officials believed sensitive personal data remained uncompromised
  • Employees were advised to avoid logging onto school network until issue was resolved
Read More

 
Burke County Public Schools, Burke County

Breach Type – Unknown, Ransomware

Morganton

  • IT personnel utilized protocols to help mitigate damage
  • Ransomware was culprit of cyberattack
  • State-contracted IT firm assisted in restoration
Read More

 
The University of North Carolina - Chapel Hill School of Medicine, Orange County

Breach Type – Phishing, Data Breach

Data Breaches

  • Over 3,500 individuals likely had private information stolen in phishing cyberattack
  • Bad actors accessed various email accounts for a monthlong period
  • School offered credit monitoring and identity protection services to some patients
Read More

 
Rockingham County Schools, Rockingham Co.

Breach Type - Phishing, Virus

Rockingham Now

  • Employees fell victim to phishing scheme
  • Downloaded malicious Word document attachments
  • Virus shut down computer network and internet structure
Read More

 
Davidson County Schools

Breach Type - Phishing

The-Dispatch

  • Davidson County Schools fall victim to spear-phishing scheme
  • W-2 information for 3,200 employees sent to scammer
  • Potentially affected individuals advised to implement two factor authentication on their accounts
Read More

 
BACK TO TOP