Iowa Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Iowa.jpg
 

Public Safety

Muscatine County CAD system & law enforcement, & City of Muscatine, Muscatine County

Breach Type - Other, Ransomware

Muscatine Iowa Gov

  • A MUSCOM server, the City of Muscatine Shieldware, a Springbrook financial server, and other city servers encrypted by ransomware attack
  • City of Muscatine IT staff and other IT personnel worked to isolate ransomware and restore servers
  • Muscatine Police and federal authorities lead investigation
Read More
Muscatine Journal

  • Vulnerability potentially exposed system to bad actors
  • Every department shared a records management system and computer aided dispatch system, resulting in all county law enforcement being directly affected by the cyber attack
  • Connection between the jail and Public Safety Building shut down to prevent further damage
  • Officers could not access mobile computers in squad cars due to offline servers
  • The jail lost access to those systems, including the National Crime Information Center database
Read More

 
BACK TO TOP

Local Government

City of LeClaire paid $222,373 to email scammers posing as vendors, Scott County

Breach Type – Phishing, Other

Quad City Times

  • “In total, $222,373 in LeClaire city funds were directed to three fraudulent accounts through “cleverly disguised and modified emails that resembled legitimate emails from legitimate vendors,” interim City Administrator Ed Choate wrote in an email to the Quad-City Times.”
  • “LeClaire has recovered about $120,618, Choate said, by freezing the accounts. Choate said the city is continuing to work with the FBI, the city's bank, and its insurance carrier to recover and/or reach a settlement for the remaining about $102,000.”
  • “In two of the three situations, Choate said, the city discovered the cyber attack because the actual vendors contacted the city to alert officials that they hadn’t received payment. In the third case, the city clerk discovered the fraud and contacted the vendor.”
  • “The city installed multi-factor authentication and other security software applications, Choate said, to prevent email compromises in the future. And documents and training for ACH transactions, an automatic payment system, were implemented by the city with help from their financial institution and the Iowa Department of Management.”
Read More

 
City of West Des Moines, Polk County

Breach Type – Unknown, Malware

Who Radio

  • City networks and servers were compromised in cyberattack
  • Officials were forced to disable the network to prevent spread
  • Emergency services remained relatively unimpacted
Read More

 
City of Ames, Story County

Breach Type – Hacking, Data Breach

Gemini Advisory

  • Hackers exploited vulnerability in Superion’s Click2Gov Utility Bill Pay Systems affecting government entities across the U.S.
  • Over 20,000 records from eight cities in five different states have been offered for sale on the dark web
  • City of Broken Ames one of the eight cities impacted
Read More

 
City of Ames, Story County

Breach Type - Other, Data Breach

Ames Tribune

  • Vulnerability in Click2Gov systems causes potential breach at City of Ames
  • City of Ames’ parking ticket payment system affected & taken offline
  • After learning the system had been breached, the city followed protocol and replaced the web server
  • 4,600 customers’ financial information potentially at risk
Read More

 
Dyersville Deputy Clerk Email, City of Dyersville, Dubuque County

Breach Type - Phishing, Other

Dyersville Commercial

  • Dyersville Deputy Clerk fell victim to phishing scam
  • Malicious link lead to computer virus which sent mass spam email to city customers
  • City isolated the account, wiped the affected computer, & cleaned the system
Read More

 
City of Keokuk

Breach Type - Phishing

Tri States Public Radio

  • W2 phishing scheme targets city of Keokuk
  • Affected employees will be notified via mail
  • Will be offered free credit monitoring
Read More

 
State of Iowa Election Hacking

Breach Type - Hack

The Daily Nonpareil

  • State target of election hacking
  • Able to block hacking attempts
  • No data compromised or affected
Read More

 
Spencer Chamber of Commerce

Breach Type - Ransomware

Spencer Daily Reporter

  • Attack limited to chamber offices, not city offices
  • Computers operate off common server, all are affected
  • New hard drives ordered to transfer data
Read More

 
Woodbury County

Breach Type - Ransomware

Tech Talk

  • 3,700 files compromised
  • Nothing lost thanks to backup servers
  • Attack originated from email
Read More

 
BACK TO TOP

Medical

Thousands of patients exposed after phishing attack on Iowa hospital, Wayne County

Breach Type – Phishing, Data Breach

Becker Hospital Review

  • "Wayne County Hospital began notifying 2,016 patients that their data may have been exposed after hackers launched a phishing attack on its employee emails."
  • "On March 22, the hospital learned it was the victim of a phishing attack. The hospital took steps to secure its network and launched an investigation with a third-party cybersecurity firm"
  • "Email accounts contained some patients' names, Social Security numbers, financial account information, medical-related information and more."
  • "The hospital said it's working to figure out how the breach occurred and taking steps to prevent a similar situation from occurring again."
Read More

 
Peoples Community Health Clinic Issues Notice of Data Security Incident, Hawk County

Breach Type – Unknown, Data Breach

PR Newswire

  • On March 22, 2021, PCHC became aware of suspicious activity related to an employee's email account. Following this, PCHC promptly launched an investigation with the assistance of third-party forensic specialists to assess the security of its systems and the nature and scope of this incident."
  • -"This investigation determined that an unauthorized individual gained access to one PCHC email account between March 18, 2021 and March 22, 2021 but could not confirm what specific information within this account may have been actually accessed by the unauthorized individual."
  • "While the specific data elements vary for each potentially affected individual, the scope of information potentially involved includes: name; address; Social Security number; date of birth; driver's license number or state identification number; medical diagnosis/medical treatment information; health insurance information; payment card number; or card CVV/expiration date."
Read More
Mercy Iowa City Hospitals, Johnson County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Bad actor gained access to employee email account for over 1 month
  • Spam and phishing emails were sent using the account
  • Personal health information, including patient names and SSNs, were likely compromised
Read More

 
UnityPoint Health, Polk County

Breach Type – Unknown, Ransomware

KCCI 8 News

  • Healthcare provider contacted roughly 27,000 following cyberattack on vendor
  • Over 3 million healthcare entities had information accessed from vendor database
  • Information included names, addresses, dates of birth, and dates of service among others
Read More

 
Monroe County Hospital & Clinics, Monroe County

Breach Type – Phishing, Data Breach

Des Moines Register

  • Bad actors used phishing in data breach cyberattack
  • Over 7,000 patients had information leaked
  • Healthcare center notified affected patients via email
Read More

 
Graceland University, Decatur County

Breach Type - Phishing, Data Breach

Bleeping Computer

  • Hackers gained access to employee emails on two separate occasions
  • Private information was compromised as unauthorized users had access to previous interactions within that account
  • Sensitive information such private social security numbers, payment information, date of birth, full name and more was exposed
Read More

 
Southern Hills Eye Care, Woodbury County Iowa

Breach Type - Unknown, Ransomware

Data Breaches

  • An investigation was prompted after the office had been attacked by ransomware
  • Hackers may have gained access to sensitive patient information leaving it compromised
  • There is no evidence patient information was truly compromised but the office has made attempts to stop events like this in the future
Read More

 
Jones Eye Clinic, Woodbury County

Breach Type - Ransomware

Sioux City Journal

  • Ransomware attack hits Jones Eye Clinic
  • Breach may have impacted patients registered during specific time frame
  • Computer systems immediately restored using backup information
Read More

 
UnityPoint Health, Polk Co., Dallas Co., Warren Co.

Breach Type - Phishing, Data Breach

Des Moines Register

  • Hackers create sophisticated phishing scheme to gain access to UnityPoint Health system
  • Intruders may have accessed private medical information
  • UnityPoint implementing stronger cyber defenses to prevent future attacks
Read More
Becker's Hospital Review

  • This long spanning attack caused the health system to notify affected patients of attack
  • Over 16,000 Patients were affected in the first wave but 1.4 million were affected in second breach
  • The information leak has lead to a lawsuit regarding the health system's failure to contact exposed victims and failure to communicate what was exposed
Read More

 
UnityPoint Health

Breach Type - Phishing

DataBreaches

  • UnityPoint notified patients its email system fell victim to a phishing attack
  • Acted to secure the affected accounts & hired a forensic investigator to analyze data at risk
  • Personal information potentially accessed/misused, including financial information for some patients
Read More

 
Primary Health Care, Inc.

Breach Type - Hack

PR Newswire

  • Employee email account compromised
  • Primary Health Care launched investigation to analyze information at risk
  • As a precaution, notified potentially affected individuals
  • No evidence of misuse of information exists
Read More

 
Waverly Health Center

Breach Type - Ransomware

KWAY Radio

  • Waverly health experiences ransomware attack
  • Working to restore systems without paying ransom
  • Manual documentation by employees to ensure patient care continues
Read More

 
Iowa City’s Mercy Hospital

Breach Type - Hack

Daily-Iowan

  • Cyber extortion possibly occurred on Jan. 26th, 2016
  • Mercy began an internal investigation
  • Hired a leading forensics firm to help secure information
Read More

 
BACK TO TOP

Education

Union Community School District Victim of File Dump on Dark Web

Breach Type – Unknown, Ransomware

DataBreaches.net

  • The district experienced a cyberattack prior to April 19... But now that the threat actors have dumped thousands of files with employees’ and students’ personal information on the dark web
  • The threat actors do not indicate in the listing when they first attacked the district or contacted them with any ransom demand, but on May 28, the threat actors updated their listing of April 19 and dumped thousands of files. They also posted a list of every computer on the district’s network
  • The file dump, compromising almost 2 GB of compressed files, contained numerous files with personal and personnel information on former and current employees as well as personal information on current and former students
  • Files with employees’ personal addresses, phone numbers, name of spouse or partner, and their birthday were also in the dump, as were salary schedules with employees’ rate of pay, date of hire, Social Security numbers, and other types of certification data and expiration dates
  • Student-related files include lists of all students in every class and grade, but also some disciplinary incidents involving named students. There were also files with named students and Student Reporting in Iowa (SRI) information, and thousands of transcripts of students who graduated between 2003 and 2019
Read More

 
Charles City Schools, Floyd County

Breach Type – Unknown, Data Breach

Mail Tribune

  • Student health information likely compromised
  • Third party vendor's systems were hit
  • Names, Medicaid information, dates of birth among leaked info
Read More

 
Timberline billing services, Polk County

Breach Type – Unknown, Data Breach

The Oskaloosa Herald

  • Contractor has experienced a data security incident that resulted a breach of personal student information
  • According to press release breach to not involve access to internal systems or student records
  • Some of the files contained information concerning current and former students’ personal information
Read More

 
Graceland University, Decatur County

Breach Type - Phishing, Data Breach

Bleeping Computer

  • Hackers were able to gain access to email accounts on several different accounts
  • Private information may have been accessed including information of persons who interacted with the accounts over several years
  • Some of the private information may have contained social security numbers, full names, birthdays, salaries, family information, and more
Read More

 
Johnston School District

Breach Type - Hack

Des Moines Register

  • "Dark Overlord" hacking group accessed & exposed personal information of young Johnston students
  • Hackers contacted students' parents, sending threatening text messages
  • Parents concerned about security of sensitive data on Johnston School servers
  • Local authorities and federal investigators working to resolve security incident
Read More

 
University of Iowa

Breach Type - Phishing

Daily Iowan

  • University of Iowa students targeted in phishing attacks
  • Hacker compromises student account & sends 200 fraudulent emails
  • Hacker used email to pose as university employee
  • University working to implement additional security measures
Read More

 
University of Iowa

Breach Type - Hack

DataBreaches

  • Investigated multiple cheating incidents caused by hacking
  • Advised campus community to change University account passwords
  • Notified 250 University staff members hackers accessed their credentials
Read More

 

BACK TO TOP