Alabama Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Alabama.jpg
 

Public Safety

Alabama Fusion Center, State of Alabama

Breach Type – Hacking, Data Breach

The Hacker News

  • Recent blue lakes dump includes police and FBI reports, bulletin guides and more giving insight into law enforcement not commonly inaccessible by public
  • The data contains over millions of files including images, documents, videos, web pages, text files, emails, auto files and more
  • Investigations are looking into how many files are classified and not supposed to be public
Read More

 
Selma Police Department, Selma Fire Department, & City of Selma - Dallas County

Breach Type – Unknown, Ransomware

Selma Times Journal

  • When employees returned to work it was discovered that servers were devastated by this labor day attack
  • Both the Selma Police Department and Selma Fire Department had confirmed publicly that their servers were downed
  • Upon investigations it was thought that the ransomware may have also affected backup servers
Read More

 
Dale County Sheriff’s Office, Dale County

Breach Type - Hacking, Data Breach

Dothan First

  • Dale County Sheriff’s Office network & email system compromised
  • IT contacts investigated severity of incident
  • Sheriff’s Office temporarily disabled online pistol permit portal
  • Public advised to monitor financial data conducted with Sheriff’s office
Read More

 
City of Leeds

Breach Type - Ransomware

AL.com

  • Paid $12,000 in bitcoin for ransom
  • Had trouble with decryption codes sent by hacker
  • Leeds does not believe neighboring cities were affected
Read More
WBRC

  • City's Police & Fire Department computer systems also encrypted in ransomware attack
  • City uses insurance to negotiate ransom & pays its hackers $8,000 in bitcoin
  • Police & Fire service calls were ongoing through attack
Read More

 
Collinsville Police Department Hit by Ransomware Trojan

Breach Type - Ransomware

Softpedia News


Read More

 
BACK TO TOP

Local Government

St. Clair County Government, St. Clair County

Breach Type – Unknown, Malware

WBRC

  • The system is victim of a cyber attack but it appears that no data has left the system
  • Actions were immediately taken to mitigate damage
  • Some minor inconveniences were caused but the issue is being resolved
Read More

 
Chilton County Records, Chilton County

Breach Type – Unknown, Ransomware

CBS 42

  • Probate court records were frozen in ransomware hit
  • IT personnel detected the cyberattack, took immediate action
  • Investigation conducted by state and federal law enforcement
Read More

 
City of Florence, Lauderdale County

Breach Type – Phishing, Ransomware

WAFF

  • The City was impacted by a attack causing their email accounts to stop operations
  • Public safety was left unaffected as operations were nominal
  • It is believed that no information was lost and that this was caused by a possible phishing attack
Read More
WHNT

  • The city of Florence has confirmed the attack and has begun work with a third party IT company
  • Hackers demanded almost $300,000 of bitcoins in ransomware attempt
  • The City determined that they will pay the bad actors in hope that the information that was stolen will be deleted
Read More
Bank Info Security

  • A third party was able to find a username and password of the city's IT manager on a cyber forum
  • The researcher gave a heads up to the City in hopes to prevent any possible damages the breach may have
  • The City is working on getting more investigations conducted in hopes of prevention in the future
Read More

 
Tallapoosa County Probate Court, Tallapoosa County

Breach Type – Unknown, Ransomware

The Outlook

  • Probate court was victim of cyberattack, systems were down for half a week
  • Bad actors utilized ransomware, locked access to numerous servers
  • Officials confirmed that no personal information had been leaked in the attack
Read More

 
City of Florence, Lauderdale County

Breach Type – Unknown, Phishing

WAFF

  • The City publicly released that its networks were compromised suspending use of email accounts and server functions
  • Public safety was unaffected and all communications within were nominal
  • The nature of the attack and other forensic analysis is taking place with a third party IT company
Read More

 
South Alabama Veterans Council's website, Mobile County

Breach Type - Hacking, Other: Website Defacement

Fox 10 TV

  • Bad actors hacked website, claimed to be from Iran
  • Hackers claimed to be from "Shield Iran"
  • IT personnel took website offline while they worked on restoration
Read More

 
City of Ozark Website, Dale County

Breach Type – Hacking, Other: Website Defacement

WTVY

  • City website taken offline amid successful hack
  • Bad actors seemingly were residing within Iran
  • Local law enforcement assisted with investigation
Read More

 
Mobile Housing Board of Commissioners

Breach Type - Phishing, Other

Lagniappe Weekly

  • Mobile Housing Board of Commissioners (MHB) dealt with a cybersecurity breach
  • Email of MHB Chief Financial Officer was hacked in early spring
  • Hackers apparently intercepted emails with contractor
  • Sources confirmed $485,000 was mistakenly paid to hackers
Read More

 
Attack on Montgomery County

Breach Type - Ransomware

WSFA

  • County system locked up
  • Probate office most impacted
  • 911 not affected, on its own network
Read More
Montgomery Advertiser

  • County commissioners authorized paying $32,000 ransom
  • The hackers gave Montgomery 7 days to pay ransom before destroying all data
Read More
WSFA

  • Estimated data in concern worth over $5 million
  • Paid ransom, believes no data was compromised
Read More

 
Mobile County Maersk Terminals

Breach Type - Ransomware

AL.com

  • Hack started in Europe
  • APM terminal hacked during delivery of 2 cranes
  • Terminal had to shut down for two days
Read More

 
Alabama State Port Authority, Mobile County

Breach Type - Phishing, Data Breach

Lagniappe Weekly

  • Cyber event caused data breach of current and former employees of Alabama State Port Authority
  • Organization fell victim to a “W-2” phishing scam
  • 780 individuals’ private information compromised as a result
Read More

 
BACK TO TOP

Medical

Northport Medical Center (DCH Health), Tuscaloosa County

Breach Type - Unknown, Ransomware

CBS 42

  • Ransomware cyberattack left hospitals unable to assist new patients
  • Officials stated bad actors limited employee ability to utilize computers
  • Three hospitals were affected in cyberattack, bad actors demanded money
Read More

 
Fayette Medical Center (DCH Health), Fayette County

Breach Type - Unknown, Ransomware

WSFA

  • Medical center was forced to pay ransom to bad actors
  • Three hospitals were only able to take emergency patients
  • Cyberattack had major effects on healthcare system
Read More

 
UAB Medicine, Jefferson County

Breach Type – Phishing, Data Breach

Alabama News

  • Medical center believed thousands of patients likely had information exposed
  • Employees unwittingly provided usernames and passwords to bad actor's survey
  • Health records and billing system remained unaffected from attack
Read More

 
Sarrell Dental, Calhoun County

Breach Type – Unknown, Ransomware

SPAM Fighter

  • Patient information potentially compromised in ransomware cyberattack
  • Information was restored from backups, officials did not pay ransom
  • Any affected persons were offered identity protection services
Read More

 
DCH Regional Medical Center, Tuscaloosa County

Breach Type – Hacking, Ransomware

APR

  • Alabama Hospital resolved ransomware attack
  • Hospital paid ransom to bad actors to unlock system
  • Hospitals ceased taking majority of patients
Read More

 
Jemison Internal Medicine (JIM)

Breach Type - Ransomware

DataBreaches

  • Attack encrypted Jemison's electronic medical record (EMR) software
  • JIM did not pay ransom to its hackers, removed virus by reinstalling operating system
  • Notified patients out of abundance of caution

Read More

 
Cove Family and Sports Medicine

Breach Type - Ransomware

Cove Medicine

  • Ransomware encrypted computer system containing electronic medical software
  • Record data included private patient information
  • Cove did not pay ransom
  • Removed virus by reinstalling software & restoring data from backups
  • Backups were partially encrypted, so not all data was recovered immediately

Read More

 
BACK TO TOP

Education

Brindlee Mountain Primary School, Marshall County

Breach Type – Phishing, Other

News 19

  • Email sent to parents asked them to change their passwords
  • School officials confirmed they had not sent such a message
  • Originating email account was suspended following incident
Read More

 
Huntsville City Schools, Madison County

Breach Type – Unknown, Ransomware

WAAY 31

  • School district was victim of ransomware cyberattack
  • Student IDs and employee Social Security numbers were compromised
  • Officials assured the public that they hadn't acquiesced to the bad actors
Read More
Bleeping Computer

  • Bad actors attacked Huntsville school district forcing school shut down for rest of week
  • As students returned from Thanksgiving break the school district performed an early dismissal after cyber-attack disrupted IT systems
  • In attempt to prevent further spread of ransomware district has asked that all student loan devices be shut off until further notice
Read More

 
Lanett City Schools, Chambers County

Breach Type – Unknown, Malware

Valley Times

  • Malware attack forced city school district to shut down computer servers
  • Officials discovered suspicious message on workstation
  • Superintendent ordered all servers disconnected until malware could be investigated
Read More

 
Houston County School District, Houston County

Breach Type – Unknown, Malware

Dothaneagle

  • School district hit with malware attack, affecting phones and computers
  • Due to cyberattack, Houston County postponed school start date by several days
  • Superintendent stated that they were unsure about extent of damage to servers
Read More

 
Scottsboro City Schools

Breach Type - Phishing

WHNT 19 News

  • Scottsboro City Schools fall victim to W-2 spear phishing scheme
  • Perpetrator poses as Superintendent requesting sensitive financial information
  • Advised employees to further protecting their identities as precaution
Read More

 
Wallace Community College of Selma

Breach Type - Phishing

Selma Times Journal

  • Wallace Community College falls victim to W-2 spear phishing scam
  • Private & financial information of all current & former employees exposed
  • Wallace Community immediately became aware of fraudulent tax requests
  • Notified law enforcement & tax authorities of breach
Read More

 
Montgomery Public Schools

Breach Type - Phishing

Montgomery Advertiser

  • Montgomery Public Schools give scarce details of cyber attack
  • Many suspect a phishing email containing malware was opened
  • The IT department worked to repair the system
  • Paycheck system remained unaffected
Read More

 
Morgan County Schools

Breach Type - Phishing

WHNT News 19

  • Malicious phishing email launches aggressive virus on Morgan County School network
  • Trojan Horse Virus, known as Emotet, leaves school without internet access for a week
  • Technicians isolated the infected network
Read More

 
Escambia County School System

Breach Type - Hack

Data Breaches

  • Escambia County School System fell victim to cyber hack
  • Payroll accounting system hit with security breach
  • Employee personal data exfiltrated by hackers
  • Individual financial institutions could have been responsible for initial breach
Read More

 
BACK TO TOP