Colorado Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
 

Public Safety

County Government, Sheriff's Office, 911 Dispatch Systems Offices Close After Cyber Attack, Fremont County

Breach Type – Unknown, Malware

GovTech

  • "County administrators received an alert at 3 a.m. Wednesday that there was a problem.”
  • "It did hit the Sheriff's Office, it also hit some of the systems at the dispatch center, but we've got those fixed and corrected," Bell said. "They are up and running again."
  • "Bell said the county does have protocols in place in case of a cyber-attack, which were followed Wednesday morning.”
  • "We shut everything down to stop the damage as was possible," she said. "We sent out a reverse emergency notification to all Fremont County employees early this morning telling them to not use computers and to not log in."
Read More

 
Colorado Information Analysis Center, State of Colorado

Breach Type – Hacking, Data Breach

The Hacker News

  • The recent BlueLeaks dump includes police and FBI reports, bulletin guides and more, giving insight into law enforcement that is not commonly accessible to the public
  • The data contains millions of files including images, documents, videos, web pages, text files, emails, audio files and more
  • Investigations are looking into how many files are classified and not supposed to be public
Read More

 

Local Government

Colorado police investigating ransomware attack on small town, Weld County

Breach Type – Unknown, Ransomware

The Record

  • "The police department of Frederick, Colorado said it is investigating claims that the town government was hit with a ransomware attack."
  • "On Thursday, the LockBit ransomware group added the town of about 15,000 residents to its list of victims."
  • “The Frederick Police Department is working with Information Technology to verify the validity of these postings."
  • “Currently, there is no evidence of intrusion into our secure network.”
Read More

 
Denver Hit By Cyber Attack Targeting Kronos, Denver County

Breach Type – Hacking, Ransomware

CBS Local Channel 4 News

  • "The City of Denver is a victim of a large-scale cyber attack."
  • “The city uses Kronos...That company was hit by a ransomware attack and some of its customers can’t pay employees."
  • “Denver says it uses the system to track hours and overtime, but not for payroll."
Read More

 
Boulder County Payroll Systems impacted by Kronos attack, Boulder County

Breach Type – Hacking, Ransomware

Times-Call

  • "After a recent ransomware attack on Ultimate Kronos Group, a human resources management company, Boulder County’s cloud-based timekeeping and payroll processes are offline."
  • "Boulder County systems were impacted by the attack, while it’s still unknown if the attack involved a data breach."
  • “Boulder County’s Information Technology department is actively investigating any impacts to personally identifiable information and will use all available means to protect county and employee data,”
Read More

 
City of Lafayette, Boulder County

Breach Type – Unknown, Ransomware

Beloit Daily News

  • A public statement was made about the city’s compromised computer systems and the ransom that was demanded
  • Many of the city’s systems were rendered offline as bad actors hacked the city’s networks
  • Following investigations, it was discovered that a phishing scam led to the ransomware attack
Read More
Colorado Hometown Weekly

  • Officials are now warning that sensitive information may have been compromised despite earlier beliefs
  • Usernames, passwords and other sensitive data such as Social Security numbers were potentially exposed, creating a privacy risk
  • Officials still declare that they are unaware of any misuse of the data at this time
Read More

 
Arapahoe County Government Systems, Arapahoe County

Breach Type – Phishing, Malware

Colorado Politics

  • Employee fell victim to phishing cyberattack
  • Seemingly legitimate CDC email contained malware
  • County officials reviewed the incident with the employee
Read More

 
Denver Public Library, Adams, Arapahoe, & Jefferson Counties

Breach Type – Unknown, Ransomware

Denverite

  • Library's computers and system were left frozen after cyberattack
  • Bad actors utilized ransomware during their hit on the public library
  • Officials refused to comment on frequency or originating location
Read More

 
City of Aurora, Arapahoe County

Breach Type – Hacking, Data Breach

9 News

  • City of Aurora was recent victim of Click2Gov data breach
  • Citizens paying their utility bill likely had names, card numbers leaked
  • City transitioned to new Paymentus system to avoid further issues
Read More

 
Town of Erie, Boulder Co. & Weld Co.

Breach Type – Phishing, Other

Denver CBS Local

  • Town officials sent over $1,000,000 to a bad actor's account
  • Bad actor claimed to be construction contractor hired by the town
  • Officials discovered that the money was wire transferred out of country
Read More

 
Archuleta County Government Systems, Archuleta County

Breach Type – Unknown, Ransomware

Pagosa Sun

  • Emergency services and dispatch remained unaffected in ransomware cyberattack
  • IT officials worked to restore systems as quickly as possible, estimated 48 hours
  • County email among systems affected by the ransomware attack
Read More
Pagosa Sun

  • Bad actors demanded $300,000 in bitcoin
  • Ransomware cyberattack encrypted all county servers
Read More

 
Fort Collins Loveland Water District and South Fort Collins Sanitation District, Larimer County

Breach Type - Unknown, Ransomware

RGJ

  • When employees went into work they could not access information including drawings and data on their computers
  • This was the second attack the districts had fallen victim to in the past two years
  • A ransom appears to have been demanded, but the districts did not entertain it and instead recovered the data without the hackers
Read More

 
Colorado Attorney General’s Office

Breach Type - Hacking, Cryptojacking

Bad Packets

  • Half a million Drupal websites affected by vulnerability
  • Websites scanned for cryptojacking script
  • 258 websites contained the reference to the malicious domain
  • The website of the Colorado Attorney General was compromised
  • The incident was reported to the US-CERT and an incident number was assigned by the NCCIC Security Operations Center thereafter
Read More

 
Colorado Department of Transportation 2nd Hit

Breach Type - Ransomware

The Denver Channel

  • A week after first ransomware hit, malicious variant hits 2nd time
  • System immediately shut down, affecting 2,000 employees
  • Attack will not affect critical traffic operations
Read More

 
Colorado Department of Transportation

Breach Type - Ransomware

Denver Post

  • SamSam ransomware virus hijacks computers at CDOT
  • Office of Information Technology and FBI investigating incident
  • CDOT has no intention to pay ransom
Read More

 
Mental Health Institute at Pueblo, Department of Human Services

Breach Type - Phishing

Colorado Politics

  • Employee falls for phishing scam on state computer
  • No evidence that phishers accessed/misused data
  • Personal information may have been compromised
Read More

 
Englewood City

Breach Type - Ransomware

Englewood Herald

  • Ransomware virus impacted municipal systems and networks
  • Denver IT helped to wipe and restore systems
  • City did not pay a ransom
  • No personal information was compromised
Read More

 
Colorado State Election System

Breach Type - Hack

The Hill

  • Target of Russian Election Hacking
  • DHS notifies states a year later
  • Election systems are critical infrastructure
Read More

 
Town of Snowmass Village

Breach Type - Phishing

Aspen Daily News

  • Scammers steal $57,396 from village
  • Fraudulent email asking for wired money for construction materials
  • No personal information was compromised
  • Other internal financial procedures have since been altered
Read More

 
Larimer County

Breach Type - Hack

9 News

  • Computer systems had limited functions
  • 911 dispatch & emergency services were not affected
  • Landfill services most affected
Read More

 

Medical

Vendor Ransomware Attack Impacts 660 Health Care Organizations, Weld County

Breach Type – Hacking, Ransomware

Health Security

  • "Accounts receivable management agency Professional Finance Company (PFC) suffered a ransomware attack that impacted 660 of its healthcare organization clients."
  • “PFC discovered the attack on February 26, 2022 and immediately engaged forensic specialists to secure its environment and investigate the incident. The investigation revealed that an unauthorized party accessed files containing certain personal information, and PFC began notifying impacted healthcare providers around May 5."
  • "Although there has been no evidence of misuse, the unauthorized party may have accessed first and last names, accounts receivable balance and information regarding payments, addresses, birth dates, health insurance and medical treatment information, and Social Security numbers."
Read More

 
Colorado hospital targeted by phishing scam, 21,000 affected, Garfield County

Breach Type – Phishing, Data Breach

Becker's Hospital Review

  • “Valley View Hospital was the target of a phishing attack when the email accounts of four employees were accessed by unauthorized individuals, affecting the personal data of about 21,000 people."
  • "On Jan. 19, the hospital learned that four of its employee email accounts had been accessed by an unauthorized user,"
  • “The access was obtained through malicious links embedded in emails disguised as legitimate correspondence from an employee within the company."
  • "On March 29, 2022, it was determined that the compromised email accounts had contained patient and employee information of 21,000 individuals."
  • "It is unknown what types of information have been compromised. Valley View Hospital said it does not believe any of the information had been removed from its system."
Read More

 
South Denver Cardiology Associates Breach Impacts 287k, Arapahoe and Douglas Counties

Breach Type – Hacking, Data Breach

Health IT Security

  • “South Denver Cardiology Associates (SDCA) suffered a healthcare data breach that impacted 287,652 individuals. SDCA discovered unusual network activity on January 4, 2022, a notice on its website stated.”
  • “…an unauthorized party had accessed the network between January 2 and January 5 and accessed certain files. The files contained Social Security numbers, driver’s license numbers, health insurance information, names, birth dates, clinical information, and patient account numbers.”
  • “SDCA said it had no reason to believe that any patient information was misused as a result of the incident.”
Read More

 
Nearly 300k Heart Patients' Data Exposed, Douglas County

Breach Type – Unknown, Data Breach

InfoSecurity Magazine

  • "The protected health information (PHI) of hundreds of thousands of heart patients may have been exposed during a cyber-attack on South Denver Cardiology Associates"
  • “In a recent privacy incident notice issued to its patients, the healthcare provider disclosed that its network had been breached in January 2022. The unknown perpetrator(s) gained access to files containing information on 287,652 patients during the attack."
  • “Investigators determined that the files accessed in the attack contained patient information, which may have included patients’ names, dates of birth, Social Security numbers and/or drivers’ license numbers, patient account numbers, health insurance information and clinical information, such as physician names, dates and types of service and diagnoses."
  • "We have no indication that individuals’ information has been misused as a result of this incident.”
Read More

 
Colorado health system's email breach exposed 52,632 patients' protected information, Montrose County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • "An email data breach at Montrose (Colo.) Regional Health went undetected for two months and affected 52,632 individuals."
  • “The hospital determined that the email accounts contained patient names, internal patient account numbers, service dates, procedure codes, provider names, health insurance provider information and treatment costs."
  • “The internal investigation was unable to determine what specific information was accessed by the hacker."
  • "No evidence has been found that the patient information has been misused, but the hospital encourages affected individuals to review their statements for any suspicious or fraudulent activity."
Read More

 
Notice of Data Incident, Denver County

Breach Type – Unknown, Data Breach

Krebs Daily

  • "The Urology Center of Colorado (“TUCC”) announces a data incident that may have impacted individuals’ information."
  • “On September 8, 2021, TUCC discovered that certain parts of its network may have been accessed and therefore launched an investigation. The investigation determined that an individual may have accessed the network for a brief period of time between September 7th and September 8th of 2021."
  • “The type of information varies by individual but includes name and one or more of the following data elements: date of birth, Social Security number, address, phone number, email address, medical record number, diagnosis, treating physician, insurance provider, treatment cost, and/or guarantor name."
  • "TUCC changed account passwords and is implementing additional security measures. In an abundance of caution, TUCC is offering potentially impacted individuals access to credit monitoring and identity protection services."
Read More

 
Colorado Retina Associates, Denver County

Breach Type – Phishing, Data Breach

Becker's Hospital Review

  • Over 26,000 patients were notified that an unauthorized party gained access to employee email accounts
  • Once bad actors gained access to the accounts they were used to send out phishing emails to individuals in the email contacts
  • Investigations concluded that hackers accessed two user accounts that contained patient information
Read More

 
The Mental Health Center of Boulder County Inc.

Breach Type – Unknown, Data Breach

Daily Camera

  • Client and employee information likely accessed during data breach
  • Names, dates of birth, Social Security numbers among involved info
  • Healthcare center provided credit monitoring services to affected individuals
Read More

 
Children's Hospital of Colorado, Adams County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review

  • Over 2,500 patients were contacted following a phishing scheme that potentially exposed sensitive information
  • Information that may have been exposed included names, date of services, medical record numbers, ZIP codes and clinical diagnosis information
  • There is no evidence that the data is being misused; the incident prompted the hospital to take security measures
Read More

 
Rangely District Hospital, Rio Blanco County

Breach Type – Unknown, Ransomware

The Herald Times

  • Unknown number of patients' information leaked following ransomware
  • Healthcare center was able to restore most data from backups
  • Officials confirmed that they did not pay the ransom, hired outside IT
Read More

 
Parkview Medical Center, Pueblo County

Breach Type – Unknown, Ransomware

KOAA News 5

  • Numerous systems were hit in ransomware cyberattack
  • Officials reassured the public that patients could still be treated
  • Healthcare center worked diligently to restore services
Read More
FOX 21 News

  • Healthcare center employee confirmed patient storage hit
  • Bad actors used ransomware in cyberattack
  • Employee confirmed hospital was forced to utilize paper records
Read More

 
Estes Park Health, Larimer County

Breach Type - Unknown, Ransomware

Eptrail

  • During normal operations it was noticed that several files were being locked down
  • Upon discovery servers were shut down and access to the data center was cut off
  • In an attempt to recover data, EPH paid the ransom, using its insurance to cover the payment
Read More

 
Longs Peak Family Practice

Breach Type - Ransomware

Healthcare IT News

  • Hit with two ransomware attacks Nov. 5th & Nov. 10th
  • IT team too late to protect servers before hackers could encrypt files
  • Rebuilt systems thanks to backups
  • Hired investigators to help with second attack
  • Investigators concluded hackers accessed system on three separate occasions
  • Patient files potentially accessed
  • Practice offering a year of free credit monitoring to potentially affected patients
Read More

 
Edina Fertility Clinic

Breach Type - Ransomware

Star Tribune

  • Ransomware launches on Edina Fertility Clinic
  • Patients worried about personal data being accessible
  • No evidence of information misuse has surfaced
Read More

 
Children's Hospital Colorado

Breach Type - Hack

KDVR

  • Employee email account hacked
  • 3,400 patient families potentially affected
  • No sensitive financial information compromised
Read More

 
Allergy, Asthma & Immunology of the Rockies

Breach Type - Ransomware

Health IT Security

  • Discovered ransomware on its computer systems (EMR Systems)
  • IT specialists recommended completely replacing hard drives
  • Systems restored and safely brought back online
Read More

 

Education

Cyberattack exposes data of 30,000 people connected with CU Boulder, Boulder County

Breach Type – Hacking, Data Breach

CPR News

  • "About 30,000 current and former employees and students at the University of Colorado Boulder have had personally identifiable information breached in a cyberattack.”
  • “A hacker exploited a vulnerability found in a file-sharing service provided by the software company Atlassian, which is primarily used by CU’s Office of Information Technology.”
  • “Some files accessed by the hacker included “names, student ID numbers, addresses, dates of birth, phone numbers and genders.” Social security numbers and financial information were not included in the files, but with the data they did get, malicious actors could potentially commit fraud or answer security questions.”
  • "CU said the vulnerability should be patched now.”
Read More

 
Regis University, Denver County

Breach Type – Unknown, Ransomware

The Denver Channel

  • University officials disabled computer network
  • Officials believed it would help mitigate damage
  • IT staff continued to investigate the cyberattack
Read More
9 News

  • 1,800 computers infected during ransomware cyberattack
  • Officials believed bad actors originated outside the country
  • IT staff continued to work on restoring the computers
Read More

 
Denver Public Schools

Breach Type - Phishing

KDVR

  • Direct deposit phishing scam leaves $40,000 stolen from employees
  • Phishing training and firewalls were not enough to prevent the incident
  • Malicious email extremely convincing, 30 employees fell for it
  • School district has since repaid employees
Read More


 