Washington Cyber Attacks

Infrastructure Affected

Public Safety
Back to Archive

Public Safety

Okanogan County Government, Okanogan County

Breach Type – Unknown, Malware

Omak Chronicle

  • The Okanogan County Government has experienced a cyber attack also affecting Public Health
  • Servers are rendered offline as the attack affects services provided and phone systems
  • A team is working with professionals to restore systems, there is not a projected date for repairs
Read More

Jefferson County Emergency Alert System, Jefferson County

Breach Type – Hacking, Other


  • Bad actors sent unauthorized emergency broadcast
  • County law enforcement assisted with investigation
  • Officials believed that access was gained from outside source
Read More


Local Government

Washington State city allegedly hit by ransomware, Pierce County

Breach Type – Unknown, Ransomware


  • ”The BlackCat ransomware gang (ALPHV) has listed the City of Lakewood, Washington, on its data leak site, urging the affected companies to sue the municipality. Lakewood is a city in Pierce County, Washington, with a population of over 63,000. BlackCat claimed it had breached Lakewood City Council and stolen over 250GB worth of data."
  • "Because of their misunderstanding and inability to negotiate, we share information with you,” BlackCat said and shared a link to download 252GB of documents. Cybernews has not reviewed the files. We contacted the City Council to learn more about the alleged incident. We will update the article as soon as we know more.”
  • “BlackCat also urged parties that might be affected by the leak in the future to sue the municipality.” “You should not work with them, their structure is also not protected, and the vulnerability has not been fixed. Companies that will be subject to attacks related to them should sue,” the gang said in a blog post.”
Read More

Grant County email hit by phishing attack

Breach Type – Phishing, Malware

Yahoo! News

  • “If you receive an email asking you to open a proposal or the sender is sharing a file, delete the email. Do not open the email; do not input any username or password if requested," wrote Grant County Director of Central Services Tom Gaines in an email alert sent out by the Grant County Sheriff's Office Thursday morning."
  • “Gaines said the county's email system was hit by a phishing email after a county employee opened an infected email from another county, and was soon sending out emails with the same bad attachment."
  • "Before quarantining and deleting the infected email and files, Gaines said some emails went out, with the City of Ephrata, Motorola and at least one employee in another county. He advised recipients to delete any county emails asking people to open an attachment.”
Read More

Data breach limits service at Whatcom County libraries

Breach Type – Unknown, Data Breach


  • "A data breach has limited services for Whatcom County Library patrons."
  • "The breach impacts the libraries’ email and phone systems."
  • "Curbside pickup is also impacted, as the service is scheduled through email."
  • "Perkins says that the investigation is ongoing, but they suspect the breach was caused by malware."
Read More

More than $800,000 in Seattle homeless funds intended for Mary's Place shelter may have been stolen, emails shows, King County

Breach Type – Hacking, Data Breach

Seattle Times

  • “The city of Seattle mistakenly sent more than $800,000 of funds intended to help homeless people to fraudsters…”
  • “The case may have involved someone “posing” as Mary’s Place, according to a spokesperson for the state auditor, whose office was notified of the loss in late July.”
  • “In July, the city’s Human Services Department’s chief financial officer…said in an email that the deposits were sent to a “fraudulent account” and that the city was working with the FBI and the Secret Service, which investigates cyber fraud.”
  • “A city spokesperson wrote… that federal investigators determined that the city and Mary’s Place were victims of fraud with losses totaling approximately $831,062 over a six-month period.”
Read More

Washington state data breach may have exposed personal details of licensed professionals, State of Washington

Breach Type – Hacking, Data Breach

Oregon Live

  • "The Washington State Department of Licensing said the personal information of potentially millions of licensed professionals may have been exposed after it detected suspicious activity on its online licensing system."
  • "Shut down its online platform temporarily after learning of the activity in January...Data stored on the system, which is called POLARIS, could include Social Security numbers, birth dates and driver’s license numbers."
  • "The agency doesn’t yet know whether such data was actually accessed or how many individuals may have been affected,"
  • "the agency has been working with the state Office of Cybersecurity, the state Attorney General’s Office and a third-party cybersecurity firm to understand the scope of the incident"
Read More
CT Post

  • “Based on our investigation, (Department of Licensing) has sufficient reason to believe the Professional and Business Licensing System was accessed and records were acquired without authorization,”
  • “Agency officials had initially said that the breach might have exposed the data of at least the 257,000 individuals active licenses in the system, but acknowledged that the full number was likely larger. Friday’s estimate grew to 650,000 because it included individuals with non-active licenses, and also because a single business license can include information for multiple individuals, Olson said.”
  • “The agency will begin notifying individuals who were potentially affected by the breach and providing them with credit monitoring and identity theft protection.”
Read More

Town of Tenino defrauded out of almost $300,000, Thurston County

Breach Type – Phishing, Other

Big Country News Connection

  • "The Office of the Washington State Auditor has released its findings on how the town of Tenino was bilked out of nearly $300,000 in 2020."
  • "According to the report, the person who was serving as the city’s clerk-treasurer at the time was scammed into sending the money out of state by a phishing email."
  • "An investigation by the Washington State Patrol (WSP) could not determine if the he personally benefited from the scheme. WSP turned its files over to the FBI for further investigation. So far, no charges have been filed."
  • "A total of $280,309 was sent out of state in 20 separate transactions over a six-week period in 2020."
Read More

Hackers demands $200k ransom from Tri-Cities port to unlock computer data, Port of Kennewick, Benton County

Breach Type – Unknown, Ransomware

Tri-City Herald

  • "Hackers are demanding a $200,000 ransom after placing an encryption lock on the Port of Kennewick’s computer servers and files, the port said Tuesday. Under the direction of the Federal Bureau of Investigation and advice from technology professionals, the port will not be paying the ransom.”
  • “Instead, it is working with the FBI and restoring the functioning of the port’s technology system, including rebuilding digital files from offline backups and bringing back access to the port’s email server, which is currently offline.”
  • “The cyber attack was sophisticated, using “military-grade encryption,” according to the port. Neither the FBI or the Washington state Office of Cyber Security know of a decoder for it.”
Read More

4.8 Million Patients Affected by 2021 July Healthcare Breaches, King County

Breach Type –Hacking, Data Breach

Compliancy Group

  • “Hacking incidents have continually been the prime reason behind the escalating breaches targeting healthcare organizations.”
  • “There were 26 healthcare providers targeted by hacking incidents in July, affecting 3,200,815 patients, representing 69.63% patients affected by hacking.”
  • “But the incident, which also affected private and public systems in other states, spurred the Warren County to upgrade its technology.”
  • “King County Public Hospital District No. 2 d/b/a EvergreenHealth: 22,579 patients affected.”
Read More

Douglas County Servers, Douglas County

Breach Type – Hacking, Data Breach

The Wenatchee World

  • Douglas county was one of thousands of systems affected by the Hafnium attack on Microsoft servers
  • County employees spent three days updating the servers
  • No loss of county data was reported
Read More

City of Puyallup, Pierce County

Breach Type – Unknown, Data Breach

The Suburban Times

  • Third party vendor AFTS was victim of ransomware cyberattack
  • City officials believed no direct threat to the city was evident
  • Compromised data potentially included account numbers, names, addresses, and bill amounts
Read More

City of Auburn, King County

Breach Type – Unknown, Data Breach

Auburn Examiner

  • Third party vendor was victim of cyberattack, affected government operations
  • Potentially leaked information includes account numbers, names, and addresses
  • Officials believed sensitive personal information remained intact
Read More

The Office of the Washington State Auditor Employment Security Department, State of Washington

Breach Type – Hacking, Data Breach

Bleeping Computer

  • Washington's State Auditor office has suffered a data breach that exposed the information of 1.6 million employment claims
  • Bad actors exploited a vulnerability in a secure file transfer service from Accellion
  • The exposed claims were in data files containing sensitive personal information of Washington residents
Read More
Tri-City Herald

  • Auditor's Office confirmed data breach was over 3 year period
  • Initially, Auditor's Office believed only 2020 claims were affected
  • Officials believed data included names, Social Security numbers, dates of birth, and banking information
Read More

City of Ellensburg, Kittitas County

Breach Type – Unknown, Ransomware

YakTri News

  • City government was victim of ransomware cyberattack
  • Local and federal law enforcement were contacted for assistance
  • Officials believed that the majority of their data remained encrypted
Read More

Bainbridge Island Metropolitan Park & Recreation District, Kitsap County

Breach Type - Unknown, Malware

Bainbridge Review

  • Servers were attacked by bad actor destroying employee and financial information leaving officials to pen and paper methods
  • The data does not seem to have been collected by bad actors upon initial assessment
  • Information for the public had not been accessed due to it being located on a separate server maintained by outside contractors
Read More

Benton County Government, Benton County

Breach Type - Phishing, Other

Government Technology

  • $740,000 stolen by bad actor likely originated from India
  • Bad actor created false online domain to trick county officials
  • County officials immediately reported the loss upon discovery
Read More

City of Lacey, Thurston County

Breach Type – Hacking, Data Breach

K5 News

  • Credit card information stolen by bad actors that hacked "Click2Gov" services
  • Information was stolen after customers paid bill online
  • Officials believed customers that signed up for auto-pay likely had information stolen
Read More

City of Ellensburg, Kittitas County

Breach Type – Phishing, Other

Daily Record

  • City in Washington state victim of phishing scam
  • Almost $200,000 was stolen by bad actors
  • Officials remained confidant that city would be unaffected
Read More

City of Sammamish, King County

Breach Type – Hacking, Ransomware

Komo News

  • Hackers attack city’s computer system
  • City of Sammamish investigated level of damage
  • State of Emergency was declared within the city
  • Security expert brought in for assistance
  • City states the hack has no effect on emergency services
Read More

Port of Longview, Cowlitz Co.

Breach Type - Hack


  • Hacks coming from Russia, Liberia, & Kazakhstan
  • Unknown if personal information of past & current employees compromised
  • Port mailing notifications to potentially affected
Read More

Town of Yarrow Point

Breach Type - Phishing

Seattle Times

  • Financial coordinator falls for business email compromise (BEC) scam
  • Wires $49,284 to hacker posing as Mayor
  • Money was immediately drawn by hacker when transfer was complete
Read More

City of Enumclaw

Breach Type - Cryptojack/Other

KIRO 7 News

  • W2 forms sent in phishing scheme
  • Hundreds of city employees affected
  • Citywide identity theft report filed with Enumclaw PD
Read More

Town of Yarrow Point

Breach Type - Ransomware

Stephan Lagerholm

  • Yarrow Point falls victim to cyber incident
  • Files and systems inaccessible
  • Town is working with police department to investigate
Read More
Seattle Times

  • Paid $9,170 worth of bitcoin to recover data
  • Spent $46,972.21 for services of three companies during this attack
Read More

Washington Department of Health

Breach Type - Hack


  • Part of Islamic Union test hacks of government websites
  • Hacked with pro-Islamic State messages
  • Team System Dz
  • Restored within an hour
Read More



MultiCare Notifies 23K of Third-Party Breach, Pierce County

Breach Type – Unknown, Data Breach

Health IT Security

  • ”MultiCare Health System in Washington suffered a third-party data breach that originated at its mailing service provider, Kaye-Smith."
  • " December 23, 2022 - MultiCare Health System in Washington suffered a third-party data breach that originated at its mailing service provider, Kaye-Smith. As previously reported, the breach at Kaye-Smith impacted other healthcare organizations, including 31,573 individuals at St. Luke’s Health System in Idaho. The breach impacted more than 23,000 individuals at MultiCare."
  • ” In June 2022, Kaye-Smith hired experts to investigate suspicious activity within its digital environment. Kaye-Smith later determined that a ransomware actor had been discretely compromising files since May 2022. Names, addresses, and Social Security numbers were impacted."
Read More

Sea Mar Community Health Centers discloses breach that began last year, King County

Breach Type – Unknown, Data Breach


  • ”, threat actors gained access to Sea Mar’s network and exfiltrated what they claimed was 3 TB of data. The incident was posted on Marketo’s leaked data site in June. In Sea Mar’s case, Marketo claimed to have 201 bids for their data back in July."
  • "On June 24, 2021, Sea Mar was informed that certain Sea Mar data had been copied from its digital environment by an unauthorized actor. Upon receipt of this information, Sea Mar immediately took steps to secure its environment and commenced an investigation"
  • ”The data types involved included: name, address, Social Security number, date of birth, client identification number, medical / vision / dental / orthodontic diagnostic and treatment information, medical / vision / dental insurance information, claims information, and / or images associated with dental treatment."
Read More

MultiCare Health Systems, Pierce County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • More than 200,000 patients, providers and employees received notice of an exposure
  • Hackers had access to personal and protected information of employees, providers, applicants, contractors and patients
  • Information exposed included names, addresses, Social Security numbers, medical record numbers, bank account numbers and more
Read More

Proliance Surgeons, King County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • Any patients who have made online payments between Nov. 13th 2019 and June 24th, 2020 have been potentially exposed in data breach
  • Patients that are affected have been notified of the breach following investigations
  • Payment information including cardholder names, account numbers, and ZIP codes were exposed
Read More

Jefferson Healthcare, Jefferson County

Breach Type – Phishing, Data Breach

Becker's Hospital Review

  • The health system discovered there was unauthorized access between Nov. 9th and Nov. 12th 2020
  • Bad actors were unable to access the systems EHR and billing systems
  • Investigations discovered that over 2,000 patients were exposed in the breach
Read More

MultiCare Health System, Pierce County

Breach Type – Unknown, Data Breach

The News Tribune

  • Multicare was forced to notify its patients of a potential security breach
  • Over 25,000 nonprofit accounts were targeted in Blackbaud attack
  • Over 175,000 patients had personal information exposed
Read More

The Fred Hutchinson Cancer Research Center, King County

Breach Type – Unknown, Data Breach

Bismark Tribune

  • The blackbaud breach had no sensitive information exposed
  • Many different systems were exposed in the Blackbaud breach
  • Exposure is forcing medical systems to notify patients and donors about breach
Read More

Grays Harbor Community Hospital and Harbor Medical Group, Grays Harbor County

Breach Type – Unknown, Ransomware


  • Healthcare center discovered ransomware cyberattack on systems
  • Officials conducted extensive investigation and notified federal law enforcement
  • Most locked data was able to be restored from backups
Read More

Overlake Medical Center & Clinics, King County

Breach Type - Phishing, Data Breach

Beckers Hospital Review

  • Over 109,000 patients likely had information leaked
  • Bad actors utilized phishing in cyberattack
  • Medical center updated policies and procedures for email
Read More

Breach Grays Harbor Community Hospital & Grays Harbor Medical Group, Grays Harbor County

Breach Type – Phishing, Data

The Daily World

  • Grays Harbor Community Hospital victim of phishing cyberattack
  • Nearly 85,000 patient's personal and medical information was compromised
  • Officials unsure how extensive the damage was, or extent of financial losses
Read More
HIPAA Journal

  • Healthcare provider was late in stopping cyberattack against them
  • Bad actors demanded $1 million as ransom for data
  • Officials spent at least $545 thousand as a direct result of the attack
Read More

RS Medical, Clark County

Breach Type - Phishing, Data Breach

Data Breaches

  • About 10,000 emails were sent from a compromised account before the attack was noticed
  • The hacker had the account for less than two hours before the password was changed to lock out attackers
  • Since the extent of exposed data is unknown around 250 patients were notified of the breach
Read More

Columbia Surgical Specialists of Spokane, Spokane County

Breach Type - Hacking, Data Breach

Data Breaches

  • On February 18th, 2019 the center reported a breach
  • The breach was stated as a Hacking and IT related incident
  • It has been noted that reportedly 400,000 patients were affected by this breach
Read More
Careers Info Security

  • The Information systems manager states that the hack also involved a ransomware attack on Jan 7th
  • A security firm was able to rectify the attack and recover the data without paying the ransom
  • Some of the patient files were over 20 years old, the organization is seeking ways to contact the individuals
Read More

University of Washington School of Medicine, King County

Vulnerability, Data Breach

Seattle Pi

  • Data breach exposed protected files allowing them to be accessed
  • Files contained sensitive patient information leaving people exposed
  • Letters were sent addressing over 900,000 patients affected by this hack
Read More

Southwest Washington Regional Surgery Center, Clark County

Breach Type - Phishing, Data Breach

Data Breaches

  • Phishing attack compromised employee’s email address for at least 3 months
  • Southwest Washington Regional Surgery Center notified 2,393 potentially affected patients
  • PHI information & financial information at risk
Read More

Confluence Health, Chelan County

Breach Type - Phishing, Data Breach


  • Hackers gain access to employee email account
  • Private health information accessible to hackers
  • Financial information not affected in data breach
Read More



Peninsula College staff follows up on cyber attack, Clallam County

Breach Type – Hacking, Data Breach

Peninsula Daily News

  • "Peninsula College has received more information about the number of students, employees and retirees whose personally identifiable information may have been exposed by a third-party cybersecurity incident”
  • "Earlier this summer, filesharing application MOVEit Transfer used by hundreds of businesses and organizations worldwide was impacted by a cybersecurity incident.”
  • “The college does not use the MOVEit software, although two of the college’s vendors do: NSC and TIAA.”
  • ”One Peninsula College student was impacted by the National Student Clearinghouse (NSC) MoveIt incident, the college said in a press release, which added that the student has been notified by the college and NSC and that NSC is offering to provide two years of free credit monitoring services for the student.”
  • ”The SBCTC notified 12,400 employees and retirees across the state’s college system; PBI is offering to provide two years of free credit monitoring services to those individuals.”
Read More

Phishing scam hits Kalama School District, Cowlitz County

Breach Type – Phishing, Other


  • “The Kalama School District reports fake emails from the district were sent to staff members and a student last month, offering a phony job opportunity in an apparent phishing scam."
  • “Kalama School District spokesperson Nicholas Shanmac said three staff email accounts were compromised in mid-July."
  • Kalama Police Chief Rafael Herrera said the department was notified at about 1:44 p.m. Aug. 2 of the emails and that a parent “became aware of the scam and immediately prevented any further issues.”
Read More

Washington State University warns data breach may have hit students, employees, Whitman County

Breach Type – Unknown, Data Breach

The Center Square

  • "A data breach may have exposed the personal information of Washington State University students and employees, according to WSU Insider.”
  • "Service providers including the National Student Clearinghouse, United Healthcare and the Teachers Insurance and Annuity Association told the university personal information may have been unveiled as part of the mass hacks exploiting a security flaw in the MOVEit file transfer tool."
  • "WSU uses the NSC for enrollment, degree verification and student loan reporting services, according to WSU. The possible exposure includes personally identifiable information and education records.”
Read More

Adna School District Defrauded $346,000 in Phishing Scam, Lewis County

Breach Type – Phishing, Other

The Chronicle

  • ”The Adna School District was defrauded of $346,000 through what school officials have called a “sophisticated phishing scam,” according to Adna Superintendent Thad Nelson.”
  • ”The district announced the fraud in a detailed email to The Chronicle on Thursday, noting that after the activity was confirmed, the district notified the FBI, the Washington state Auditor’s Office and the Lewis County Treasurer’s Office as well as the district’s insurance carrier and financial institution.”
  • ”According to the district, the process had been used through the prior five months as the district paid just over $780,000 in legitimate payments toward the total project. Those payments were made by the District through physical checks.”
Read More

Shoreline College website hacked; officials investigating, King County

Breach Type – Unknown, Ransomware

Seattle Times

  • “An apparent ransomware attack forced the majority of Shoreline Community College students and staff to transition to remote work this week and prompted local and federal investigations."
  • “The disruption began on Monday. Although Shoreline’s campus — including the Parent Child Center — remains open, the college’s website was down as of Thursday evening, and Wi-Fi on campus was inaccessible. Classes and exams are being held in person when possible and the campus payroll system has not been affected. The college has bought mobile hot spots to help alleviate the inconvenience, but there are not enough for everyone.”
  • ”We can’t ask everyone to tether their phone,” said campus spokesperson Cat Chiappa. “But we are still able to run a large amount of what we’re doing, and students can still access a lot of class things they need.”
  • ”Immediately upon detecting the incident, Shoreline’s IT team took steps to contain the incident, and engaged industry leading third-party cybersecurity experts to help the investigation and restoration processes.”
Read More

WA: Whitworth confirms it was victim of ransomware attack; warns thousands of students, staff of data breach, Spokane County

Breach Type – Unknown, Ransomware

Data Breaches

  • "In August, Whitworth University confirmed they had experienced a cyberattack in July. In that statement, they pledged to notify those impacted right away. They didn’t — unless you have a very liberal definition of “right away.” Earlier this month, the university notified the state attorney general’s office of the breach, as The Spokesman-Review reports.”
  • ”As those who reported on the attack knew back in August, LockBit claimed responsibility for the attack. They had added Whitworth to their leak site but then removed the listing. Removing a listing often indicates that the victim paid the ransom demand.”
  • “Even now, however, Whitworth is not being transparent about the incident or any ransom payment, citing an ongoing criminal investigation as their excuse or explanation for not revealing more. The total number affected is not yet known, although Whitworth’s report indicates that 5,182 residents of Washington state were affected.”
Read More

Clover Park School District Investigating Possible Ransomware Attack

Breach Type - Hacking, Ransomware


  • Facing a “system outage,” the Clover Park School District is investigating why it’s “experiencing a technology issue
  • The technology issues, showing a blue screen that states, “Clover Park School District, you are f-----.” The screen also includes a link, which leads to another page with specific threats and instructions
  • Clover Park School District, you’ve been hacked,” the site states. “Pay or grief. Sensitive information will be shared to the public ... There are (not) any third-party solution(s) which can help you. But you can damage your information
Read More

Moses Lake School District, Grant County

Breach Type - Phishing, Ransomware

Security Intelligence

  • Bad actors demanded $1 million ransom
  • School district forced to rebuild 50 servers and computers
  • Personal information seemed unaffected due to separate storage
Read More

Walla Walla University, Walla Walla County

Breach Type – Unknown, Ransomware

Gov Tech

  • Internet and phone lines affected in cyberattack
  • Officials notified students to avoid using school network
  • Login credentials had been compromised in ransomware hit
Read More

Tukwila School District, King County

Breach Type – Phishing, Other


  • King County school district was victim of phishing cyberattack
  • Local police and FBI investigated the attack
  • Officials didn't release any other details, ensured policies followed
Read More

Northshore School District, King County and Snohomish County

Breach Type – Unknown, Malware


  • School District victim of cyberattack, affected three separate towns
  • Phone lines and voicemail servers affected, officials believe no personal information leaked
  • Officials Stated the attack was significant, food service payment also hit
Read More

Northwest Indian College, Whatcom County

Breach Type - Unknown, Ransomware

Data Breaches

  • A Ryuk attack had corrupted several internal files within the system like backups and other legacy data
  • The college is still open but overall limited due to the suppression of the systems, hybrid classes are especially limited
  • No questions about the cost of the ransomware will be answered to help avoid entertaining the hacker’s demands
Read More

Northwest University

Breach Type - Hack


  • Hackers infiltrated email account of Northwest University Chief Financial Officer
  • Hackers rerouted $60,000 when CFO paid a trusted vendor
  • No suspects have been arrested
Read More

North Beach School District, Skagit County

Breach Type - Phishing, Data Breach

North Beach School District

  • Business Email Compromise scheme hits school district in Skagit county
  • Hackers received 2017 W-2 forms via phishing scheme
  • North Beach School District notified the potentially affected and is working with law enforcement to further investigate the breach
Read More