Illinois Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
 

Public Safety

City of Alton and Alton Police and Fire Departments, Madison County

Breach Type – Unknown, Malware

The Telegraph

  • Mayor of Alton confirms a "data incident" on March 5th, 2021
  • City servers, including Police and Fire Department functionality, were impacted
  • Full functionality of city systems is still being restored

 
Chicago Police Department, Cook County

Breach Type – Hacking, Other

BroBible

  • Chicago and Minneapolis police departments were victims of a cyberattack
  • Police communications were hacked, random music and other sounds were played over radio
  • Anonymous claimed responsibility for the attacks on both departments

 
Chicago Police Department, Cook County

Breach Type – Hacking, Other

Chicago Sun Times

  • Police radio and dispatch were inundated with rogue transmissions
  • Elaborate cyberattack substantially disrupted law enforcement communications
  • Officials confirmed that most officers' radios aren't protected

 
Herrin Police Department Website, Williamson County

Breach Type – Unknown, Other: Website Defacement

14 News

  • Bad actors who posted lewd pictures to the PD's Google Review caused 911 lines to be bogged down
  • Officials stated they would do a better job keeping track of their page
  • Both Google officials and statewide law enforcement agencies were notified of the cyberattack

 
City of Harvard Tornado Early Warning System, McHenry County

Breach Type - Hacking, Other

NBC Chicago

  • Following several attacks, a McHenry County city plans to remove its siren system
  • After investigation, it was revealed that the malfunctions were due to attacks on the system
  • Due to the several false alarms, many emergency and non-emergency calls were made, clogging up 911 systems

 
Will County 911, Police & Fire Services, Will County

Breach Type - Malware

The Herald-News

  • Virus infected Will County computer systems
  • Virus inhibited officers’ & firefighters’ ability to communicate in field with Will County 911 over mobile internet connection
  • Virus did not affect 911 phone system, radio, or CAD system
  • Officers manually filed reports rather than through online methods
  • No sensitive data or EMS reports accessed by hackers

 
Marion County Sheriff's Office

Breach Type - Data Breach

X95 Radio

  • Security breach compromised & removed private data
  • Affects those booked into Marion County Jail
  • Sheriff's office implementing additional safeguards to prevent future breaches

 
Wood River PD Prevents Major Attack

Breach Type - Ransomware

The Telegraph

  • Hackers phished for information vital to Wood River PD
  • PD officials recognized ransomware and locked department out of computer systems
  • Had redundancy server (backup server) set up to protect information
Tech Talk

  • No information was accessed during attack

 
Roxana PD Falls Victim

Breach Type - Ransomware

Fox 2 Now

  • Chief of Police confirms ransomware infected computer systems
  • FBI asked to aid Roxana PD
  • Chief did not pay ransom

 
Suburban Chicago Police Department Pays $500 Ransom

Breach Type - Ransomware

Inquisitr



 

Local Government

DeKalb County Board Chairman Says Personal Information Not Stolen in Ransomware Attack, DeKalb County

Breach Type – Phishing, Ransomware

WSPY News

  • “DeKalb County Board Chairman John Frieders says personal information is not thought to have been stolen in Monday's ransomware attack on DeKalb County. A hacking attack on the county has made some systems inaccessible.”
  • “Frieders says things are still running in the county, but it might be harder to contact people as the email system is down.”
  • “Frieders says the county has not been contacted by anyone asking for a ransom to restore the county's systems. He says the county is working with police, including the Federal Bureau of Investigation, to get to the bottom of the attack.”

 
City of Moline falls victim of cyber attack, now under federal investigation, Rock Island County

Breach Type – Phishing, Other

ABC WQAD 8

  • “It was made public that the City of Moline fell victim of a cyber-attack in form of a phishing scam. It was discovered by city staff in January 2021, and the apparent scam happened in December 2020. A vendor that the City of Moline works with reached out and explained that it had not received payment for services completed.”
  • “The city has insurance in place to cover cyber crime. This limits the exposure to Moline taxpayers to a maximum of $20,000 regardless of whether none, a portion or all of the stolen funds are recovered.”
  • “As a result of the incident, the city reviewed all of its internal control policies with the assistance of its auditors”
  • “The Moline Police Department still has an open investigation into this matter and is working with federal authorities on the investigation. Due to that, we aren't able to divulge further information that may jeopardize the investigation.”

 
'This is a significant loss of taxpayers dollars': Rock Island County investigating wire fraud theft of more than $115,000

Breach Type – Phishing, Other

Quad City Times

  • “June 1: Someone contacted the county auditor’s office by email, claiming to represent one of the contractors with whom the county works. The email asked that future payments be sent in a different way than previously because the company had changed bank accounts. The email was fraudulent.”
  • “June 18: The Rock Island County Auditor’s Office authorized a transaction of $97,042.50 to the new account.”
  • “An employee of my office was the victim of an email scam which resulted in the inadvertent transfer of over $115,000 to a fraudulent account before it was caught and stopped,” April Palmer, the county auditor, said in a news release. “The employee was led to believe by receiving a direct deposit request and a bank letter, that the payments were being sent to a long-time vendor of the County’s.”

 
Illinois Attorney General's Office, State of Illinois

Breach Type – Unknown, Ransomware

Chicago Tribune

  • Threat actor group DoppelPaymer believed to be behind the attack
  • Attorney General's Office working with local and federal law enforcement
  • Some exfiltrated data has been posted online

 
Champaign-Urbana Public Health District, Champaign County

Breach Type – Unknown, Ransomware

Gazette

  • Healthcare officials forced to use alternative means for communication
  • Ransomware cyberattack affected provider's network
  • Email accounts, health records, and patient medical records remained safe

 
La Salle County Government Systems, La Salle County

Breach Type - Unknown, Malware

WSPY News

  • County computer systems affected following cyberattack
  • Emergency protocols enacted for offices that were hit
  • Several other facilities remained unimpacted
LCBC Radio

  • Officials remained unsure about how many computers were hit
  • Courthouse possibly affected by cyberattack, email remained functional
  • Employees were unable to access anything outside stored information
WSPY News

  • Officials confirmed county was hit in cyberattack
  • Bad actors used ransomware against network
  • Ransom demand to release systems had been made

 
City of Belvidere, Boone County

Breach Type – Unknown, Ransomware

RRSTAR

  • Ransomware used in cyberattack against city government
  • Email and other services were taken out in the attack
  • Officials stated that no ransom had yet been delivered

 
Bureau County Website, Bureau County

Breach Type – Hacking, Other: Website Defacement

News Trib

  • County website hacked by Iranians
  • Attack was a breach of the zoning area of the website
  • Courthouse remained unaffected

 
Bartlett Public Library System, Cook, DuPage, & Kane Counties

Breach Type – Unknown, Ransomware

Data Breaches

  • Ransomware cyberattack utilized against public library
  • Personal information was not compromised in the attack

 
Macon County Circuit Clerk's Office Website, Macon County

Breach Type – Hacking, Other: Website Defacement

Herald Review

  • This attack specifically targeted the website, causing another defacement in a string of related attacks
  • Investigations and imagery on the website point to the hackers being Iranian-based
  • Private information was kept on a separate server and therefore unaffected by the recent hack

 
City of Chicago Department of Aviation, Cook County

Breach Type - Phishing, Malware

CBS Local

  • After the department attempted to make payments of more than $1 million to a vendor, it was noticed that the request was a scam
  • A phishing email impersonating a vendor had asked to change the bank accounts for payments
  • The money was paid to this spoofed account but was recovered because the bank placed a hold on the fake account

 
Moultrie County Government Systems, Moultrie County

Breach Type - Ransomware

WAND TV

  • Computer issues may be caused by dangerous ransomware
  • Reported issue to Illinois State Board of Elections as a database problem
  • As many as three servers may have been infected

 
Crawford County Clerk's Office, Crawford County

Breach Type - Ransomware

WTHITV

  • Crawford County Clerk’s office hit with ransomware
  • Clerk’s office employees completed work manually to stay on task
  • Program and firewall updates to system are needed along with software updates to prevent future attacks

 
Perry County Government, Perry County

Breach Type - Ransomware

WJBD Radio

  • Perry County computers shut down by ransomware attack
  • Mayor refused to pay ransom, having backup system in place
  • Wiped system clean & restored all files within 6 hours

 
Illinois State Election System

Breach Type - Hack

NBC News

  • Detected malicious activity on network
  • Reported to DHS
  • No voter rolls were accessed/altered

 
Cook County Treasurer's Website

Breach Type - Cryptojack/Other

WCCF Tech

  • Over 4,200 victims hijacked to mine Monero cryptocurrency
  • Secretly hijacked using compromised plug-in called "Browsealoud"
  • Though sites were affected for hours, no user data was affected/compromised

 
Batavia City

Breach Type - Data Breach

Chicago Tribune

  • W2 phishing scam targets Batavia
  • Over 240 employees potentially affected
  • Names, social security numbers, addresses, & earnings exposed

 
Montgomery County

Breach Type - Hack

The Journal News

  • External malware affects some county government offices
  • 911 operations not affected by malware
  • No breach of county data or loss currently

 
Illinois Department of Veterans' Affairs

Breach Type - Hack

Daily Herald

  • Malware virus attack infects agency's network
  • Staff launched security incident response through Department of Innovation & Technology
My Wabash Valley

  • Malware paralyzed computers for at least six weeks
  • Employees resort to manual activity for daily functions
  • Private data of veterans remained unaffected, not stolen

 
Illinois Elections

Breach Type - Hack

Capitol Facts

  • Russian hackers attack voting software supplier days before the 2016 presidential election
  • Report does not confirm if hack had any effect on election results
  • Hackers infected U.S. voting software company
  • Sent spear phishing emails to 100+ election officials
  • Illinois election officials confirm intrusion of state’s election system

 
Cook County

Breach Type - Ransomware

State Scoop

  • First known government infection of WannaCry in U.S.
  • Barrage of phishing emails
  • No major Cook County operations affected

 
Illinois State Board of Elections Officials

Breach Type - Hack

Chicago Tribune

  • Personal information of about 200,000 voters hacked
  • Cyber-attack from foreign origin
  • No files of registered voters were erased or modified
  • No voting history captured, or voter signatures
  • Drivers license numbers and last four digits of Social Security numbers could be compromised
  • Online entered information more likely to be compromised
  • Board took offline outside access to prevent further intrusions

 
Downers Grove, DuPage County

Breach Type - Hack

Chicago Tribune

  • Cyber security issues prompt Governor to delete social media accounts
  • Gov. often posted political viewpoints on social media accounts
  • Online presence went dark

 
Kankakee County

Breach Type - Ransomware

Daily Journal

  • Ransomware infects computer systems through phishing email
  • County officials decided against paying ransom and would not disclose how much hackers demanded
  • County files were saved on backup server

 

Medical

Cyberattackers Hit Data of 80k Fertility Patients, State of Illinois

Breach Type – Hacking, Data Breach

Threat Post

  • "The protected health information of nearly 80,000 patients of Fertility Centers of Illinois (FCI) may have been pawed over by cyber intruders following a cyberattack."
  • "FCI runs four clinics across Illinois. According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights’ data breach site, the breach – reported on Dec. 27 – affected 79,943 people."
  • "FCI’s data breach notice (PDF) said that the healthcare organization first detected suspicious activity on its internal systems on Feb. 1, 2021. A subsequent investigation indicated that security systems had blocked attackers from accessing patient EMR (electronic medical records) systems. However, the intruder(s) managed to access administrative files and folders."
  • "The accessed files included some patients’ names, employer-assigned ID numbers, passport numbers, Social Security numbers, financial account information, payment card information, treatment information, diagnosis, treating/referring physicians, medical record number, medical billing/claims information, prescription/medication information, Medicare/Medicaid identification information, health insurance group numbers, health insurance subscriber numbers, patient account numbers, encounter numbers, ill health/retirement information, master patient index, occupational-health related information, other medical benefits and entitlements information, other medical ID numbers, patkeys/reason for absence, sickness certificate, usernames and passwords with PINs or account login information, and medical facilities associated with patient information."

 
Hackers had access to OSF Healthcare's IT systems for 6 weeks before outage, Peoria County

Breach Type – Unknown, Data Breach

Becker Hospital Review

  • "Peoria, Ill.-based OSF HealthCare began notifying patients Oct. 1 that their protected health information was exposed for more than six weeks during an attack on its IT systems earlier this year."
  • "OSF HealthCare experienced a computer systems outage from April 23-25, which sent the health system into downtime procedures and protocols for two days"
  • "OSF HealthCare said the outage was the result of a data security incident. After investigating the incident, the health system discovered that an unauthorized party gained access to its systems from March 7 to April 23. As a result, the hacker was able to access certain files belonging to some patients at OSF Little Company of Mary and OSF Saint Paul."
  • "Patient information exposed by the incident included names, birthdates, Social Security numbers, treatment details, prescription details and health insurance details. Financial information belonging to a "smaller subset of patients" also was exposed"

 
600,000 patients' info exposed in cyberattack on Illinois medical group, DuPage County

Breach Type – Unknown, Data Breach

Becker Hospital Review

  • "DuPage Medical Group is notifying 600,000 patients that their personal health information was exposed when the Downers Grove, Ill.-based medical group's computer network was hacked in July"
  • "DuPage Medical Group... discovered the unauthorized activity on its computer network July 13. As a result, the group shut down access to its network and medical records for nearly a week."
  • "The hacker had access to DuPage Medical Group's computer network July 12-13 and compromised the following information of the group's patients: names, birthdates, addresses, diagnosis codes, and Social Security numbers for a small number of people, among other details."
  • "No evidence that any information has been subject to actual or attempted misuse as a result of this incident."

 
Malware Attack Exposes IL Health Centers' Patient and Staff PHI, Cook County

Breach Type – Unknown, Malware

Health IT Security

  • “Dynamic Health Care, Inc. (DHC) of Illinois issued a data incident notice on July 16, notifying its patients and staff of ‘a recent event that may affect the privacy of information of certain nursing care facility patients and employees for whom it provides consulting, administrative, and back-office services.’”
  • "DHC found malware on its computer systems on November 8, 2020"
  • “Through this investigation, DHC determined that in connection with the malware event, an unauthorized actor accessed certain systems within its network on or about November 8, 2020.”
  • "The breached data includes patients’ and/or staff members’ names, dates of birth, Social Security numbers, treating nursing care facility names, and may include a resident identification number and dates of admission and/or discharge, the notice states."
  • “Following this incident, DHC took immediate steps to improve the security of its environment and increase its security posture. DHC is also implementing additional training and education to its employees to prevent similar future incidents.”

 
Lake County Health Department Announces Two Data Breaches Impacting Nearly 25,000 Patients, Lake County

Breach Type – Unknown, Data Breach

Lake & McHenry Scanner

  • "The Lake County Health Department announced two data breaches, one of which occurred in 2019, that compromised the data of almost 25,000 people."
  • "…that the first breach, which was disclosed earlier this month, occurred after an unencrypted email was sent to an internal employee’s personal email address."
  • "The spreadsheet consisted of medical records requests from December 2016 to June 2019 made through a third-party vendor who provides release of information services. 24,241 people were impacted and the health department mailed them a letter on July 2 notifying them of the breach."
  • "The second breach involved an unencrypted Google spreadsheet used by volunteers and staff. The spreadsheet contained names, dates of birth, phone numbers, email addresses and vaccination status of seniors seeking information on the COVID-19 vaccine."
  • "705 people were impacted in the second breach and the health department has since notified them via mail about what happened."
  • "The health department determined no one’s personal health information was compromised in the first breach but federal authorities disagreed and said the information could have been compromised."

 
Cancer Treatment Centers of America Midwestern Regional Medical Center, Cook County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Email hack breached 104,808 patients' data
  • Compromised information may include patient names, medical data, and health insurance information
  • The affected email account has been disabled, and CTCA recommends that affected individuals monitor their benefit statements

 
Southern Illinois University School of Medicine, Jackson County

Breach Type – Hacking, Data Breach

Health IT Security

  • Vulnerabilities in Accellion's File Transfer Appliance were exploited by Clop ransomware threat actors
  • Compromised information for SIU School of Medicine patients may include names, dates of birth, SSNs, driver's licenses, treatment plans, and insurance information
  • SIU has terminated use of the FTA and is offering complimentary identity theft protection to those whose SSNs and/or driver's licenses were exposed

 
OSF Healthcare System, Peoria County

Breach Type – Unknown, Data Breach

Data Breaches

  • OSF health care system is forced to mail letters to patients advising them of Blackbaud attack
  • OSF investigations of Blackbaud database determined that some sensitive patient information was exposed
  • The health system did not notify in a public release how many patients were being contacted

 
NorthShore University Health System, Cook County

Breach Type – Unknown, Data Breach

Chicago Tribune

  • Nearly 348,000 individuals potentially had information leaked
  • Names, birth dates, addresses, and medical information possibly accessed
  • University reported cyberattack to federal health agency

 
Northwestern Memorial Health Care, Cook County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • Northwestern Memorial Health Care was also a victim of large scale Blackbaud breach
  • Blackbaud notified many organizations that bad actors had gained access between Feb. and May
  • The bad actors were able to access a backup server, taking donor and patient information; Blackbaud believes that the information is not being misused

 
R1 RCM, Cook County

Breach Type – Unknown, Ransomware

Krebs on Security

  • R1 RCM had rendered servers offline in response to ransomware attack
  • The company has access to many forms of private, sensitive personal data
  • It is believed the attack took place a week prior to public statements.

 
FHN Memorial Hospital, Stephenson County

Breach Type – Phishing, Data Breach

Journal Standard

  • The hospital notified its patients of bad actors gaining access to employee email accounts, potentially exposing patients
  • To assess damages, the hospital reviewed all the email attachments to evaluate potentially exposed patient information
  • Information that was accessed includes patients’ names, dates of birth, medical records, and/or Social Security numbers

 
Carle Foundation Hospital, Champaign County

Breach Type – Phishing, Data Breach

Security

  • Hospitals in Illinois victim of phishing scam
  • Three hospitals suffered breach of data
  • Unspecified number of patients' information affected

 
Center for Vitreo-Retinal Diseases, Lake County

Breach Type - Ransomware

Data Breaches

  • Servers impacted by ransomware attack
  • Hackers may have viewed private information of patients
  • 20,300 patients potentially affected in data breach

 
Medspring Urgent Care, Cook County

Breach Type - Phishing, Data Breach

Data Breaches

  • Illinois Medspring employee falls victim to phishing scam
  • Some patient personal information contained in email account
  • 13,000+ patients potentially affected

 

Education

Ransomware shuts down Lewis & Clark computers, Madison County

Breach Type – Unknown, Ransomware

The Telegraph

  • “In a message sent to staff members around 6 a.m. Wednesday, LCCC President Ken Trzaska said the school's computer systems were down because of a "Ransomware attack."”
  • “We now have a major systems outage and need to close campus today, Wednesday, November 24," Trzaska said in his message. "All systems are down including email, blackboard, phones, colleague, etc.”
  • “Trzaska asked that people not use the college email system or open any files "to be safe."”

 
Niles Township High School District 219, Cook County

Breach Type – Hacking, Other

Journal & Topics

  • Racist, offensive, and inappropriate content was emailed to students
  • Bad actors hacked district's systems in cyberattack
  • IT personnel worked closely with local police to investigate

 
Maine Township High School District 207 Website and emails, Cook County

Breach Type – Hacking, Other

Journal & Topics

  • School district website was defaced following cyberattack
  • Bad actors left hate speech and inappropriate imagery on school website
  • Officials filed a report with municipal police, who were aided by a neighboring department

 
Heartland Community College, McLean County

Breach Type – Unknown, Malware

Pantagraph

  • College online operations remain shut down following safety measure due to outside source compromising some systems
  • No personal information seems to be affected by this attack at this time
  • The college's internal information technology security was able to catch the attack

 
Columbia College, Cook County

Breach Type – Unknown, Malware

Columbia Chronicle

  • Six of Columbia University's applications were marked as down until further notice due to malicious activity
  • IT was able to respond immediately but servers and storage were still down
  • From what the college knows it seems that no information was compromised or taken

 
Illinois Valley Community College, LaSalle County

Breach Type – Unknown, Malware

WCMY 1430 AM

  • Bad actors using malware hacked college systems
  • Officials believed systems would be restored within 10 days
  • Payroll, student registration, and email remained down

 
College of DuPage, DuPage County

Breach Type – Unknown, Data Breach

Info Security

  • Over 1,700 employees were given free credit monitoring
  • Officials did not disclose the nature of the attack
  • Website was taken offline during attack by bad actors

 
Crystal Lake Community High School District 155, McHenry County

Breach Type – Unknown, Ransomware

NwHerald

  • School district's computer network affected after cyberattack
  • Bad actors used ransomware to hinder school's network
  • Officials contacted outside IT team to assist with restoration

 
Sycamore School District 427, DeKalb County

Breach Type – Unknown, Ransomware

Daily Chronicle

  • School district hit with ransomware cyberattack
  • Visitors to district webpage discovered message indicating attack
  • Unknown number of servers were affected

 
Rockford Public Schools, Winnebago County

Breach Type – Unknown, Ransomware

Data Breaches

  • School district had 50-60 of its servers go down in ransomware attack
  • District continued to recover from cyberattack months later
  • Officials described the attack as devastating

 
Mount Zion School District, Macon County

Breach Type - Hacking, Ransomware

Herald Review

  • School system lost several weeks of students’ grades
  • Attack was a foreign brute-force attack aimed at the network
  • Data was not removed but instead encrypted and left unusable

 
Peoria Notre Dame High School, Peoria County

Breach Type - TDoS/DDoS

PJ Star

  • Cyber attack on Peoria Notre Dame High School draws attention of federal investigators
  • Denial of Service attacks plagued school multiple times in the month of October
  • Attacks posed serious threat to the school and day to day operations

 
Hoopeston Area School District, Vermilion County

Breach Type - Hacking, Other

DataBreaches

  • Hoopeston Area School District website hacked
  • Pictures & emergency callout messages sent to district families
  • Website has since been secured

 
Pekin Community High School

Breach Type - Ransomware

PJ Star

  • Hackers demand $37,000 after encrypting entire school network
  • Pekin Community was unsuspecting, having good security measures in the past
  • Local police and FBI involved in the case, no personal data at risk
  • Pekin refused to pay ransom, mostly restoring system through backups

 
Morton School District

Breach Type - Phishing

Central Illinois Proud

  • Morton Police Department believes Russian hackers are the source of the phishing scheme
  • Investigating situation in which employees of school district had their W-2 information released
Tazewell Chronicle

  • Russian hackers sent fraudulent emails asking for employee W-2 information, causing a security breach
  • Posed as District's Superintendent
  • Names and Social Security numbers compromised when employee sent information


 