Alabama Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Alabama.jpg
 

Public Safety

Madison County Jail, Madison County

Breach Type – Hacking, Other

GCN

  • A number of police departments, prisons, schools, hospitals and major technology firms were exposed in recent cyber breach
  • An international attack is to blame for the infiltration into the cloud based systems
  • Bad actors were able to gain access to over 150,000 camera systems
Read More
WTOP

  • Hackers were successfully identified as a "hacktivist" group that accessed the camera feeds
  • Several Institutions including hospitals, schools, factories, jails and corporate offices were exposed to bad actors
  • Verkada was able to lock out hackers by disabling all internal administrator accounts
Read More

 
Alabama Fusion Center, State of Alabama

Breach Type – Hacking, Data Breach

The Hacker News

  • Recent blue lakes dump includes police and FBI reports, bulletin guides and more giving insight into law enforcement not commonly inaccessible by public
  • The data contains over millions of files including images, documents, videos, web pages, text files, emails, auto files and more
  • Investigations are looking into how many files are classified and not supposed to be public
Read More

 
Selma Police Department, Selma Fire Department, & City of Selma - Dallas County

Breach Type – Unknown, Ransomware

Selma Times Journal

  • When employees returned to work it was discovered that servers were devastated by this labor day attack
  • Both the Selma Police Department and Selma Fire Department had confirmed publicly that their servers were downed
  • Upon investigations it was thought that the ransomware may have also affected backup servers
Read More

 
Dale County Sheriff’s Office, Dale County

Breach Type - Hacking, Data Breach

Dothan First

  • Dale County Sheriff’s Office network & email system compromised
  • IT contacts investigated severity of incident
  • Sheriff’s Office temporarily disabled online pistol permit portal
  • Public advised to monitor financial data conducted with Sheriff’s office
Read More

 
City of Leeds

Breach Type - Ransomware

AL.com

  • Paid $12,000 in bitcoin for ransom
  • Had trouble with decryption codes sent by hacker
  • Leeds does not believe neighboring cities were affected
Read More
WBRC

  • City's Police & Fire Department computer systems also encrypted in ransomware attack
  • City uses insurance to negotiate ransom & pays its hackers $8,000 in bitcoin
  • Police & Fire service calls were ongoing through attack
Read More

 
Collinsville Police Department Hit by Ransomware Trojan

Breach Type - Ransomware

Softpedia News


Read More

 
BACK TO TOP

Local Government

CVA reports data security breach involving some patient information, Jefferson County

Breach Type – Unknown, Data Breach

ABC3340.com

  • "Cardiovascular Associates (CVA) has started informing patients of a data security incident which may have affected some people's personal information. CVA, which has multiple locations in and around Birmingham, released a statement Friday to address the breach which happened near the end of November of last year.”
  • "The group said it discovered the breach on Dec. 5, 2022 when unauthorized activity was noticed on certain systems within CVA's network. In response to that discovery, steps were taken to restrict the unauthorized access and an investigation was launched with a nation forensic firm assisting."
  • ”In the course of the investigation, CVA said it determined an unauthorized third party was able to access certain systems that contained personal information and remove a copy of some data from the network between Nov. 28 and Dec. 5.”
  • ”Students have the day off, although James Rumsey Technical Institute, which serves students in all three counties in the Eastern Panhandle, is open. “As we serve students from Jefferson and Morgan counties, as well as adult students JRTI is OPEN on Monday, February 6. We will continue to work with all students during these transitions and encourage students to remain in contact with their instructors.” Students from Berkeley County can be dropped off by parents, but there is no penalty for those students not coming to class at Rumsey.”
  • ”CVA said some personal information was involved with the breach and included a list of some things which may have been copied. Demographic information to identify and contact the patient, such as full name, date of birth, and address, Social Security number, Health insurance information, such as name of insurer/government payor and member ID, policy and/or group number, Medical and treatment information, such as medical record number, dates of service, provider and facility names, other visit, procedure and diagnosis information, and possibly assessments, tests and imaging, Billing and claims information, such as account and/or claim status, billing and diagnostic codes, and payor information, Passport and driver’s license number, Credit and debit card information, and Financial account information,
Read More

 
Alexander City falls victim to cyber attack, Tallapoosa County

Breach Type – Unknown, Ransomware

The Outlook

  • “The Alexander City City Council called an emergency public meeting Tuesday to discuss the city’s response to a ransomware attack. Alexander City Mayor Woody Baird informed council members that the attack was first discovered Tuesday morning, and that, according to Baird, the city received a ransom letter during the security breach. "
  • “This morning as people were coming in at 7 a.m., we realized that we had a ransomware attack,” Baird said. “We immediately went to our insurance company because we do have insurance for this. They have many different branches and so they are all going to attack it.”
  • ”City IT (information technology) director Joe Milam then addressed city leaders regarding the extent of the attack.”.
  • ”I was able to go back and actually get the backup because this impacted not only my physical servers, but my virtual servers as well. My whole vCenter [software], which is my virtual server environment, I can’t even get to passwords because they have been changed,” Milam said.
  • ”Milam said he is unaware of how the attack occurred, or exactly the magnitude of the security breach. “What we're hoping as this process goes through, that those backups have not been tampered with. The concern after the discussion today is how far back could those files be compromised. This guy, he or she, or this team could have been on our network for seven to 10 days or longer, we don't know.” According to Baird, the breach is currently impacting the city’s phone lines, but said that 9-1-1 and utility collections seem unaffected at this present time.”
Read More

 
Mobile County Hit by Cyber Attack

Breach Type – Unknown, Ransomware

Fox10 Local News

  • “Mobile County government officials Friday said they are alerted all employees – more than 1,600 people – that their Social Security numbers, dates of birth and other sensitive information may have bene compromised in a computer attack in May.”
  • “The county also disclosed on Friday that it learned on July 13 that the health insurance contract number for employees subscribed to receive health coverage and routing numbers for employees enrolled in direct deposit with the county, also were at risk.”
  • "Brian Linder, a ransomware expert for the cybersecurity firm Check Point Software, told FOX10 News last week that his firm has reviewed a ransomware demand posted by the group purportedly responsible for the Mobile County attack. He said he could not verify the group’s claims but added they sound plausible.”
  • “The volume of data that was stolen during the attack was fairly significant,” he said. “It looks like 90 gigabytes of data, which is quite a bit of data.”
Read More

 
St. Clair County Government, St. Clair County

Breach Type – Unknown, Malware

WBRC

  • The system is victim of a cyber attack but it appears that no data has left the system
  • Actions were immediately taken to mitigate damage
  • Some minor inconveniences were caused but the issue is being resolved
Read More

 
Chilton County Records, Chilton County

Breach Type – Unknown, Ransomware

CBS 42

  • Probate court records were frozen in ransomware hit
  • IT personnel detected the cyberattack, took immediate action
  • Investigation conducted by state and federal law enforcement
Read More

 
City of Florence, Lauderdale County

Breach Type – Phishing, Ransomware

WAFF

  • The City was impacted by a attack causing their email accounts to stop operations
  • Public safety was left unaffected as operations were nominal
  • It is believed that no information was lost and that this was caused by a possible phishing attack
Read More
WHNT

  • The city of Florence has confirmed the attack and has begun work with a third party IT company
  • Hackers demanded almost $300,000 of bitcoins in ransomware attempt
  • The City determined that they will pay the bad actors in hope that the information that was stolen will be deleted
Read More
Bank Info Security

  • A third party was able to find a username and password of the city's IT manager on a cyber forum
  • The researcher gave a heads up to the City in hopes to prevent any possible damages the breach may have
  • The City is working on getting more investigations conducted in hopes of prevention in the future
Read More

 
Tallapoosa County Probate Court, Tallapoosa County

Breach Type – Unknown, Ransomware

The Outlook

  • Probate court was victim of cyberattack, systems were down for half a week
  • Bad actors utilized ransomware, locked access to numerous servers
  • Officials confirmed that no personal information had been leaked in the attack
Read More

 
City of Florence, Lauderdale County

Breach Type – Unknown, Phishing

WAFF

  • The City publicly released that its networks were compromised suspending use of email accounts and server functions
  • Public safety was unaffected and all communications within were nominal
  • The nature of the attack and other forensic analysis is taking place with a third party IT company
Read More

 
South Alabama Veterans Council's website, Mobile County

Breach Type - Hacking, Other: Website Defacement

Fox 10 TV

  • Bad actors hacked website, claimed to be from Iran
  • Hackers claimed to be from "Shield Iran"
  • IT personnel took website offline while they worked on restoration
Read More

 
City of Ozark Website, Dale County

Breach Type – Hacking, Other: Website Defacement

WTVY

  • City website taken offline amid successful hack
  • Bad actors seemingly were residing within Iran
  • Local law enforcement assisted with investigation
Read More

 
Mobile Housing Board of Commissioners

Breach Type - Phishing, Other

Lagniappe Weekly

  • Mobile Housing Board of Commissioners (MHB) dealt with a cybersecurity breach
  • Email of MHB Chief Financial Officer was hacked in early spring
  • Hackers apparently intercepted emails with contractor
  • Sources confirmed $485,000 was mistakenly paid to hackers
Read More

 
Attack on Montgomery County

Breach Type - Ransomware

WSFA

  • County system locked up
  • Probate office most impacted
  • 911 not affected, on its own network
Read More
Montgomery Advertiser

  • County commissioners authorized paying $32,000 ransom
  • The hackers gave Montgomery 7 days to pay ransom before destroying all data
Read More
WSFA

  • Estimated data in concern worth over $5 million
  • Paid ransom, believes no data was compromised
Read More

 
Mobile County Maersk Terminals

Breach Type - Ransomware

AL.com

  • Hack started in Europe
  • APM terminal hacked during delivery of 2 cranes
  • Terminal had to shut down for two days
Read More

 
Alabama State Port Authority, Mobile County

Breach Type - Phishing, Data Breach

Lagniappe Weekly

  • Cyber event caused data breach of current and former employees of Alabama State Port Authority
  • Organization fell victim to a “W-2” phishing scam
  • 780 individuals’ private information compromised as a result
Read More

 
BACK TO TOP

Medical

NorthStar Emergency Medical Services - Notice of Data Security Incident, Tuscaloosa County

Breach Type – Unknown, Data Breach

PR Newswire

  • "NorthStar Emergency Medical Services ("NorthStar") has learned of a data security incident that may have impacted data belonging to certain current and former patients."
  • "On September 16, 2022, NorthStar discovered unusual activity in its digital environment. Upon discovering this activity, it immediately took steps to secure the environment and engaged independent cybersecurity experts to conduct an investigation. As a result of the investigation, NorthStar learned that an unauthorized actor accessed certain data stored on its network."
  • ”On March 8, 2023, as a result of this review, NorthStar determined that information belonging to certain individuals may have been impacted by the incident.”
  • ”While NorthStar has no evidence that any information potentially involved in this incident has been misused, out of an abundance of caution, NorthStar is informing affected individuals about the steps they can take to help protect their information. The potentially affected information may include individuals' names, Social Security numbers, dates of birth, patient ID number, treatment information, Medicare/Medicaid number, and/or health insurance information.”
  • ”NorthStar has taken steps in response to this incident and has made alterations to its cyber environment to help prevent similar incidents from occurring in the future. NorthStar has also reported the incident to law enforcement.”
Read More

 
Alabama Women's Health Center Suffers Data Breach, 34K Impacted, Madison County

Breach Type – Hacking, Data Breach

Health IT Security

  • "September 09, 2022 - Birmingham, Alabama-based Henderson & Walton Women’s Center, P.C. (HWWC) disclosed a data breach that impacted more than 34,000 individuals."
  • "Nevertheless, because the hackers gained access to the email account, it was necessary to investigate whether they were able to view emails and attachments contained in it."
  • "HWWC is also working toward establishing a system to eliminate the sharing of any personal information via email at all. HWWC also provided impacted individuals with one year of credit monitoring"
Read More

 
Norwood Clinic Cyberattack Claims 228k Victims, Jefferson County

Breach Type – Hacking, Data Breach

Health IT Security

  • “On October 22, 2021, Norwood Clinic discovered that it was the victim of a cyberattack that resulted in unauthorized data access, a notice on the clinic’s website explained. Norwood said it immediately took steps to secure its systems and engaged cybersecurity experts to conduct an investigation.”
  • “However, the investigation was unable to confirm the specific information that may have been accessed,” the notice stated.
  • “The impacted server contained patient names, contact information, driver’s license numbers, Social Security numbers, birth dates, health insurance policy numbers, and limited health information.”
  • “Norwood Clinic said that it has since implemented revised email policies, added password complexity rules, and updated network security hardware and login mechanisms.”
Read More

 
Northport Medical Center (DCH Health), Tuscaloosa County

Breach Type - Unknown, Ransomware

CBS 42

  • Ransomware cyberattack left hospitals unable to assist new patients
  • Officials stated bad actors limited employee ability to utilize computers
  • Three hospitals were affected in cyberattack, bad actors demanded money
Read More

 
Fayette Medical Center (DCH Health), Fayette County

Breach Type - Unknown, Ransomware

WSFA

  • Medical center was forced to pay ransom to bad actors
  • Three hospitals were only able to take emergency patients
  • Cyberattack had major effects on healthcare system
Read More

 
UAB Medicine, Jefferson County

Breach Type – Phishing, Data Breach

Alabama News

  • Medical center believed thousands of patients likely had information exposed
  • Employees unwittingly provided usernames and passwords to bad actor's survey
  • Health records and billing system remained unaffected from attack
Read More

 
Sarrell Dental, Calhoun County

Breach Type – Unknown, Ransomware

SPAM Fighter

  • Patient information potentially compromised in ransomware cyberattack
  • Information was restored from backups, officials did not pay ransom
  • Any affected persons were offered identity protection services
Read More

 
DCH Regional Medical Center, Tuscaloosa County

Breach Type – Hacking, Ransomware

APR

  • Alabama Hospital resolved ransomware attack
  • Hospital paid ransom to bad actors to unlock system
  • Hospitals ceased taking majority of patients
Read More

 
Jemison Internal Medicine (JIM)

Breach Type - Ransomware

DataBreaches

  • Attack encrypted Jemison's electronic medical record (EMR) software
  • JIM did not pay ransom to its hackers, removed virus by reinstalling operating system
  • Notified patients out of abundance of caution

Read More

 
Cove Family and Sports Medicine

Breach Type - Ransomware

Cove Medicine

  • Ransomware encrypted computer system containing electronic medical software
  • Record data included private patient information
  • Cove did not pay ransom
  • Removed virus by reinstalling software & restoring data from backups
  • Backups were partially encrypted, so not all data was recovered immediately

Read More

 
BACK TO TOP

Education

TCS warns that employee emails have been compromised, sending out spam, Jefferson County

Breach Type – Phishing, Other

Trussville Tribune

  • "Trussville City Schools announce on social media this afternoon that several TCS employee email accounts have been compromised and accounts are sending out spam.”
  • "These phishing emails contain a scanned file from a Xerox multi-function printer,” a post on the TCS Facebook states."
  • "Please do not click on the attachment as this is a phishing email. If you did click on the link, we recommend you change your passwords immediately.”
Read More

 
Madison City Schools, Madison County

Breach Type – Unknown, Ransomware

WHNT News 19

  • IT team noticed suspicious activity on school servers April 29th
  • Damaged systems are being rebuilt from backups
  • Investigation is ongoing
Read More

 
University of Alabama Huntsville, Madison County

Breach Type – Phishing, Data Breach

WAFF 48

  • Several email accounts were compromised following cyberattack
  • Emails did contain personal information including names, dates of birth, Social Security numbers
  • University notified 272 individuals of the breach
Read More

 
Brindlee Mountain Primary School, Marshall County

Breach Type – Phishing, Other

News 19

  • Email sent to parents asked them to change their passwords
  • School officials confirmed they had not sent such a message
  • Originating email account was suspended following incident
Read More

 
Huntsville City Schools, Madison County

Breach Type – Unknown, Ransomware

WAAY 31

  • School district was victim of ransomware cyberattack
  • Student IDs and employee Social Security numbers were compromised
  • Officials assured the public that they hadn't acquiesced to the bad actors
Read More
Bleeping Computer

  • Bad actors attacked Huntsville school district forcing school shut down for rest of week
  • As students returned from Thanksgiving break the school district performed an early dismissal after cyber-attack disrupted IT systems
  • In attempt to prevent further spread of ransomware district has asked that all student loan devices be shut off until further notice
Read More

 
Lanett City Schools, Chambers County

Breach Type – Unknown, Malware

Valley Times

  • Malware attack forced city school district to shut down computer servers
  • Officials discovered suspicious message on workstation
  • Superintendent ordered all servers disconnected until malware could be investigated
Read More

 
Houston County School District, Houston County

Breach Type – Unknown, Malware

Dothaneagle

  • School district hit with malware attack, affecting phones and computers
  • Due to cyberattack, Houston County postponed school start date by several days
  • Superintendent stated that they were unsure about extent of damage to servers
Read More

 
Scottsboro City Schools

Breach Type - Phishing

WHNT 19 News

  • Scottsboro City Schools fall victim to W-2 spear phishing scheme
  • Perpetrator poses as Superintendent requesting sensitive financial information
  • Advised employees to further protecting their identities as precaution
Read More

 
Wallace Community College of Selma

Breach Type - Phishing

Selma Times Journal

  • Wallace Community College falls victim to W-2 spear phishing scam
  • Private & financial information of all current & former employees exposed
  • Wallace Community immediately became aware of fraudulent tax requests
  • Notified law enforcement & tax authorities of breach
Read More

 
Montgomery Public Schools

Breach Type - Phishing

Montgomery Advertiser

  • Montgomery Public Schools give scarce details of cyber attack
  • Many suspect a phishing email containing malware was opened
  • The IT department worked to repair the system
  • Paycheck system remained unaffected
Read More

 
Morgan County Schools

Breach Type - Phishing

WHNT News 19

  • Malicious phishing email launches aggressive virus on Morgan County School network
  • Trojan Horse Virus, known as Emotet, leaves school without internet access for a week
  • Technicians isolated the infected network
Read More

 
Escambia County School System

Breach Type - Hack

Data Breaches

  • Escambia County School System fell victim to cyber hack
  • Payroll accounting system hit with security breach
  • Employee personal data exfiltrated by hackers
  • Individual financial institutions could have been responsible for initial breach
Read More

 
BACK TO TOP