CVA reports data security breach involving some patient information, Jefferson County
Breach Type –
Unknown, Data Breach
ABC3340.com
February 3rd, 2023
- "Cardiovascular Associates (CVA) has started informing patients of a data security incident which may have affected some people's personal information. CVA, which has multiple locations in and around Birmingham, released a statement Friday to address the breach which happened near the end of November of last year.”
- "The group said it discovered the breach on Dec. 5, 2022 when unauthorized activity was noticed on certain systems within CVA's network. In response to that discovery, steps were taken to restrict the unauthorized access and an investigation was launched with a nation forensic firm assisting."
- ”In the course of the investigation, CVA said it determined an unauthorized third party was able to access certain systems that contained personal information and remove a copy of some data from the network between Nov. 28 and Dec. 5.”
- ”Students have the day off, although James Rumsey Technical Institute, which serves students in all three counties in the Eastern Panhandle, is open. “As we serve students from Jefferson and Morgan counties, as well as adult students JRTI is OPEN on Monday, February 6. We will continue to work with all students during these transitions and encourage students to remain in contact with their instructors.” Students from Berkeley County can be dropped off by parents, but there is no penalty for those students not coming to class at Rumsey.”
- ”CVA said some personal information was involved with the breach and included a list of some things which may have been copied.
Demographic information to identify and contact the patient, such as full name, date of birth, and address, Social Security number, Health insurance information, such as name of insurer/government payor and member ID, policy and/or group number, Medical and treatment information, such as medical record number, dates of service, provider and facility names, other visit, procedure and diagnosis information, and possibly assessments, tests and imaging, Billing and claims information, such as account and/or claim status, billing and diagnostic codes, and payor information, Passport and driver’s license number, Credit and debit card information, and Financial account information,
Read More
Alexander City falls victim to cyber attack, Tallapoosa County
Breach Type –
Unknown, Ransomware
The Outlook
January 24th, 2023
- “The Alexander City City Council called an emergency public meeting Tuesday to discuss the city’s response to a ransomware attack.
Alexander City Mayor Woody Baird informed council members that the attack was first discovered Tuesday morning, and that, according to Baird, the city received a ransom letter during the security breach. "
- “This morning as people were coming in at 7 a.m., we realized that we had a ransomware attack,” Baird said. “We immediately went to our insurance company because we do have insurance for this. They have many different branches and so they are all going to attack it.”
- ”City IT (information technology) director Joe Milam then addressed city leaders regarding the extent of the attack.”.
- ”I was able to go back and actually get the backup because this impacted not only my physical servers, but my virtual servers as well. My whole vCenter [software], which is my virtual server environment, I can’t even get to passwords because they have been changed,” Milam said.
- ”Milam said he is unaware of how the attack occurred, or exactly the magnitude of the security breach.
“What we're hoping as this process goes through, that those backups have not been tampered with. The concern after the discussion today is how far back could those files be compromised. This guy, he or she, or this team could have been on our network for seven to 10 days or longer, we don't know.”
According to Baird, the breach is currently impacting the city’s phone lines, but said that 9-1-1 and utility collections seem unaffected at this present time.”
Read More
Mobile County Hit by Cyber Attack
Breach Type –
Unknown, Ransomware
Fox10 Local News
June 2nd, 2021
- “Mobile County government officials Friday said they are alerted all employees – more than 1,600 people – that their Social Security numbers, dates of birth and other sensitive information may have bene compromised in a computer attack in May.”
- “The county also disclosed on Friday that it learned on July 13 that the health insurance contract number for employees subscribed to receive health coverage and routing numbers for employees enrolled in direct deposit with the county, also were at risk.”
- "Brian Linder, a ransomware expert for the cybersecurity firm Check Point Software, told FOX10 News last week that his firm has reviewed a ransomware demand posted by the group purportedly responsible for the Mobile County attack. He said he could not verify the group’s claims but added they sound plausible.”
- “The volume of data that was stolen during the attack was fairly significant,” he said. “It looks like 90 gigabytes of data, which is quite a bit of data.”
Read More
St. Clair County Government, St. Clair County
Breach Type –
Unknown, Malware
WBRC
September 23rd, 2020
-
The system is victim of a cyber attack but it appears that no data has left the system
-
Actions were immediately taken to mitigate damage
-
Some minor inconveniences were caused but the issue is being resolved
Read More
Chilton County Records, Chilton County
Breach Type –
Unknown, Ransomware
CBS 42
July 7th, 2020
-
Probate court records were frozen in ransomware hit
-
IT personnel detected the cyberattack, took immediate action
-
Investigation conducted by state and federal law enforcement
Read More
City of Florence, Lauderdale County
Breach Type –
Phishing, Ransomware
WAFF
June 8th, 2020
-
The City was impacted by a attack causing their email accounts to stop operations
-
Public safety was left unaffected as operations were nominal
-
It is believed that no information was lost and that this was caused by a possible phishing attack
Read More
WHNT
June 11th, 2020
-
The city of Florence has confirmed the attack and has begun work with a third party IT company
-
Hackers demanded almost $300,000 of bitcoins in ransomware attempt
-
The City determined that they will pay the bad actors in hope that the information that was stolen will be deleted
Read More
Bank Info Security
June 12th, 2020
-
A third party was able to find a username and password of the city's IT manager on a cyber forum
-
The researcher gave a heads up to the City in hopes to prevent any possible damages the breach may have
-
The City is working on getting more investigations conducted in hopes of prevention in the future
Read More
Tallapoosa County Probate Court, Tallapoosa County
Breach Type –
Unknown, Ransomware
The Outlook
June 19th, 2020
-
Probate court was victim of cyberattack, systems were down for half a week
-
Bad actors utilized ransomware, locked access to numerous servers
-
Officials confirmed that no personal information had been leaked in the attack
Read More
City of Florence, Lauderdale County
Breach Type –
Unknown, Phishing
WAFF
June 8th, 2020
-
The City publicly released that its networks were compromised suspending use of email accounts and server functions
-
Public safety was unaffected and all communications within were nominal
-
The nature of the attack and other forensic analysis is taking place with a third party IT company
Read More
South Alabama Veterans Council's website, Mobile County
Breach Type -
Hacking, Other: Website Defacement
Fox 10 TV
January 7th, 2020
-
Bad actors hacked website, claimed to be from Iran
-
Hackers claimed to be from "Shield Iran"
-
IT personnel took website offline while they worked on restoration
Read More
City of Ozark Website, Dale County
Breach Type –
Hacking, Other: Website Defacement
WTVY
January 11th, 2020
-
City website taken offline amid successful hack
-
Bad actors seemingly were residing within Iran
-
Local law enforcement assisted with investigation
Read More
Mobile Housing Board of Commissioners
Breach Type - Phishing, Other
Lagniappe Weekly
September 19th, 2018
- Mobile Housing Board of Commissioners (MHB) dealt with a cybersecurity breach
- Email of MHB Chief Financial Officer was hacked in early spring
- Hackers apparently intercepted emails with contractor
- Sources confirmed $485,000 was mistakenly paid to hackers
Read More
Attack on Montgomery County
Breach Type - Ransomware
WSFA
September 18th, 2017
- County system locked up
- Probate office most impacted
- 911 not affected, on its own network
Read More
Montgomery Advertiser
September 21st, 2017
- County commissioners authorized paying $32,000 ransom
- The hackers gave Montgomery 7 days to pay ransom before destroying all data
Read More
WSFA
September 27th, 2017
- Estimated data in concern worth over $5 million
- Paid ransom, believes no data was compromised
Read More
Mobile County Maersk Terminals
Breach Type - Ransomware
AL.com
June 28th, 2017
- Hack started in Europe
- APM terminal hacked during delivery of 2 cranes
- Terminal had to shut down for two days
Read More
Alabama State Port Authority, Mobile County
Breach Type - Phishing, Data Breach
Lagniappe Weekly
March 6th, 2017
- Cyber event caused data breach of current and former employees of Alabama State Port Authority
- Organization fell victim to a “W-2” phishing scam
- 780 individuals’ private information compromised as a result
Read More
BACK TO TOP