Public Safety

Clerk of Court office back to normal after hack, Tangipahoa Parish

Breach Type – Unknown, Malware

Hammond Star News
January 19th, 2023

”Business returned to normal Tuesday at the Tangipahoa Parish Clerk of Court office, nearly two weeks after the host company for the office’s network system was hacked."
"Fussell said the clerk’s office uses two separate host companies, so only the recording department, which includes conveyances, marriage licenses, and mortgage certificates, was affected.”
”Our recording department was dead in the water,” Fussell said, “but was elated to report that the office should be caught up by the end of the week. “We have two different software providers, so we were lucky we were able to operate.”
”...scheduled sheriff’s sales of property were cancelled, mortgage loans could not be closed because no titles searches could be completed which affected the acts of sale, and for a period of time no marriage licenses could be issued.”
The shutdown affected sheriff’s sales of property because TPSO was not able to obtain mortgage certificates, said Chief Jimmy Travis. “This is one of those deals,” Travis said. “A lot of people don’t see how much money the sheriff’s office spends every year on firewalls. We spend hundreds of thousands of dollars. As a law enforcement agency we are a target of attackers.”

Louisiana Corrections Department Suffers Third-Party Data Breach, 85K Impacted, East Baton Rouge Parish

Breach Type – Unknown, Data Breach

Health IT Security
November 9th, 2022

”The third-party breach originated at CorrectCare and potentially exposed the information of inmates who received care between 2013 and 2022."
"November 09, 2022 - The Louisiana Department of Public Safety and Corrections reported a third-party data breach that impacted 85,466 inmates who received offsite medical care during their incarceration between January 2013 and July 2022.”
”The breach originated at CorrectCare, a third-party health administrator under contract with the department to process medical claims. On July 6, CorrectCare discovered that two file directories containing protected health information (PHI) were “inadvertently exposed to the public internet.” The file directories contained names, dates of birth, Social Security numbers, DOC IDs, and diagnosis codes. The breach did not impact the department’s EHR system.”

Louisiana Public Facilities Authority (LPFA) victim of ransomware, East Baton Rouge Parish

Breach Type – Unknown, Data Breach

Data Breaches
August 7th, 2022

“Our investigation indicates the attack may have gone on over a period of weeks and the attackers may have gained access to personally identifiable information of some of our customers, including but not limited to customer names and banking financial data...”
“The LPFA’s education division, the Louisiana Education Loan Authority (Lela), also stores limited student loan data on the LPFA system servers, which may hold personal information for borrowers, including, but not limited to, names, social security numbers, physical and email addresses, phone numbers, and loan balance information."
"We have reported this attack to the appropriate State of Louisiana entities and U.S. federal level and collaborated with them to investigate this attack. We are confident the attack has been stopped and the attacker’s access has been closed."

Lafourche Parish Sheriff's Office, Lafourche Parish

Breach Type – Phishing, Other

WDSU
March 19th, 2021

Sheriff's office responded to an email from a fake company and bank account providing instructions to change bank information and approximately $347,707 was sent to the hacker's account
Attack spans back to late 2018 when the crime took place and a report was sent to the FBI and Louisian Attorney General of the missing funds
No employee of the Lafourche Parish Sheriff's Office was reported to be involved in perpetrating the crime

Covington Police, Fire, and City, St. Tammany Parish

Breach Type – Hacking, DDoS

WWLTV
March 11th, 2021

The city has lost access to all of its systems in recent cyber attack
Police, Fire, and other city employees were unable to use their systems and had to resort to other means
It is unknown the extent of the attack or how long its duration will persist

Louisiana State Government, State of Louisiana

Breach Type – Unknown, Ransomware

The Advocate
November 18th, 2019

Motor vehicle and other state departments disrupted in cyberattack
IT personnel disabled computers affected by the virus
Most recipients of SNAP were able to utilize their card despite attack

WBRZ
November 21st, 2019

Attack prevented law enforcement from being able to access background checks or histories
Noted as a safety hazard for police and potential threat allowing warranted persons to walk
Officers and Dispatch only have access to local physical copies of warrants and other information

East Baton Rouge Sheriff’s Office, East Baton Rouge Parish

Breach Type – Hacking, Other (Website Defacement)

The Advocate
September 4th, 2019

Sheriff's office website hacked with disturbing message
Officials advised that bad actor was unable to access data
Website eventually taken down and replaced with 404 error message

Lafayette Parish Sheriff's Office

Breach Type - Virus

KADN News 15
October 19th, 2017

Virus takes systems offline at Lafayette Parish Sheriff's Office
Information on inmate database missing as a result
Email system down
Network technicians working to restore & repair records
Virus similar to attack on Iberia Parish Sheriff's Office which hit weeks before

Virus Hits Iberia Parish Sheriff’s Office

Breach Type - Ransomware

KLFY
August 4th, 2017

FBI Cyber Crime Unit involved to investigate

KATC
August 4th, 2017

Personal information was not stolen
Systems reconfigured
Ransom not paid

Local Government

Work continues around the clock to get HiRE site back up and functioning, State of Louisiana

Breach Type – Unknown, Malware

Louisiana Workforce Commission
June 29th, 2022

”Work is currently underway to restore the Louisiana Workforce Commission’s HiRE website (https://www.louisianaworks.net/hire/) after Geographic Solutions (GSI), the company that operates it, discovered an attempted malware attack that required it to take state labor exchanges and unemployment claims systems offline.”
“The HiRE website is used to file unemployment claims, job searches and other functions. According to GSI, there was no data breach and the personal information of HiRE users was not compromised.”
“This outage impacts the near 11,000 people currently filing continued claims for unemployment in Louisiana. GSI has prioritized Louisiana for restoring the HiRE website, and we remain fully committed to working with them to bring our systems back online as soon as possible.”
“This outage will not prevent otherwise eligible claimants from receiving unemployment insurance benefits…”

Ouachita Parish Public Library Recovering From Malware Attack

Breach Type – Unknown, Malware

KNOE News 8
June 16th, 2021

The outages which began after a malware attack on April 21st include the online catalog, phone systems, public computers, Wi-Fi, and more
It is not known who is behind the attack, but no ransom has been requested to this point and no personal information was taken as part of the breach
Since the breach, library employees have been managing check-outs and returns by hand

US Criminal Court Hit by Conti Ransomware; Critical Data at Risk

Breach Type – Unknown, Ransomware

HackRead
September 11th, 2020

Conti ransomware operators attacked the Fourth District Court of Louisiana and posted proof of attack on their Dark Web site accessible through the Tor browser
A US criminal court has become the victim of Conti ransomware strain, operated by a hacking group of the same name. The hackers have also published several court documents online
Reportedly, the Fourth District Court of Louisiana’s website was targeted in the attack. After successfully stealing the court documents related to witnesses, jurors, and defendant pleas, the hackers posted proof of the hack attack on its Dark Web page

Orleans Parish Assessor's Office, Orleans Parish

Breach Type – Unknown, Ransomware

NOLA
April 17th, 2020

Following ransomware cyberattack parish's website remained operational
Officials declined to confirm whether they paid a ransom
Bad actors are believed to have not stolen sensitive data during attack

City of New Orleans, Orleans Parish

Breach Type – Unknown, Ransomware

NOLA
December 13th, 2019

Ransomware cyberattack used against New Orleans government
City systems and website were down during attack
Emergency services remained unaffected

City of New Iberia, Iberia Parish

Breach Type – Unknown, Ransomware

Iberia Net
November 20th, 2019

Louisiana city hit with ransomware cyberattack during city council meeting
IT officials noticed attack as it was happening
National Guard and State Police were assisting in the investigation

St. James Parish Government, St. James Parish

Breach Type – Unknown, Ransomware

Fox 8
November 6th, 2019

St. James Parish government forced to release statement regarding cyberattack
Phone lines remained down and services were limited
Statewide agencies assisted parish government with getting network working

Town of Winnsboro (Utility Billing System), Franklin Parish

Breach Type - Unknown, Malware

Hanna Pub
March 13th, 2018

Winnsboro's utility billing system breached, investigated by Sheriff's Office and FBI
Multiple $1,000 withdrawals electronically stolen from utility billing account
Cyber attackers imitated passwords, imitated bank routine, and committed fraud
Malware discovered in billing computer however customer information was safe
Investigators believe malware utilized by German group

City of Lake Charles, Calcasieu County

Breach Type - Phishing, Other

KPLC-TV
December 28th, 2018

City of Lake Charles launched investigation due to unauthorized access of City’s information technology systems
No evidence of misuse of information has surfaced
City’s email server temporarily unavailable in addition to other internal systems

Bossier City Water Bill Pay System, Bossier Parish

Breach Type - Other/Vulnerability, Data Breach

ArkLaTex
August 16th, 2018

Bossier City water customers discover unauthorized charges to their accounts
Customers’ financial information potentially exposed through data breach
Bossier conducting forensic investigation

Securities and Exchange Commission

Breach Type - Phishing

Cyber Scoop
October 11th, 2017

Eastern European hacking group
Released malware through phishing emails
Hackers used multi stage infection to target specific U.S. businesses
After a specific file in Louisiana, where severs were turned offline when notified about attack

Baton Rouge municipality & Louisiana State Government

Breach Type - Hack

Vocativ
July 11th, 2016

Hackers affiliated with “Anonymous” attack two government website
Hackers state purpose is to show police brutality
Hackers claim to contain private police officer information
Compile document of news articles, audio, & video of shootings for Philando Castile & Alton Sterling

Louisiana DMV

Breach Type - Hack

Deep Dot Web
June 16th, 2016

Hacker known as “NSA”
Selling over a quarter million driver license records on dark web
Data on dark web is legitimate and for sale by “NSA”

Medical

Hive ransomware group hit Louisiana hospital, impacted 270,000 patients, Calcasieu Parish

Breach Type – Unknown, Data Breach

CyberNews.com
December 28, 2022

”The Lake Charles Memorial Health System (LCMHS) has been sending notices of a large data breach that affected tens of thousands of people who have received care at one of its medical centers. It started on October 21, when the information security team of LCMHS detected “unusual activity” involving its computer network, the news release from the company says. An internal investigation then proceeded and a few days later concluded that hackers had gained unauthorized access to LCMHS’ network and then stole sensitive files."
"The files, the medical firm said, contained patient information such as full names, physical addresses, dates of birth, medical records, patient identification numbers, health insurance and payment information, some clinical information regarding the received care, and, in a few cases, Social Security numbers. LCMHS is careful to stress that the unauthorized party did not access its electronic medical record, and the company is informing patients whose information may have been involved in the incident."
”However, LCMHS also reported the incident to the Secretary of the US Department of Health and Human Services, and the portal for healthcare related breaches now reports that 269,752 individuals have been impacted by the incident. It’s interesting that the Hive ransomware group claims that the breach occurred on October 25, four days after LCMHS reported the first detection of the network intrusion. Also, Hive listed LCMHS on its data leak site on November 15, 2022, a step that typically comes after failed negotiations for paying a ransom.”

Lake Charles Memorial Health system victim of cyberattack and data leak by Hive, Calcasieu Parish

Breach Type – Unknown, Data Breach

DataBreaches.net
November 16th, 2022

”On October 25, Lake Charles Memorial Health System (LCMH) in Louisiana received an email that began, “Ladies and gentlemen! Attention, please! This is Hive Ransomware Team.” The remainder of the email stated that Hive had been in LCMH’s network for 12 days and had exfiltrated 270 GB of files including patient and employee data. A sample of files was attached to the email as proof of claims, and Hive also commented on what they had found (typos as in the original)"
"We know about your planned Splunk SIEM Product Justification Meeting. This system will not help to protect your network. It will only make a slightly delay in next data breach your network will face. Our organisation is also offers you full information about weak spots in your networks and best ways to protect your business to prevent further hack attacks, information we can share will help you to make such breaches economically disadvantageous for big hacking organisations and “very hard to do” for small ones.”
”Copies of the correspondence between Hive and LCMH and files were shared exclusively* with DataBreaches.net. On inquiry, Hive’s spokesperson stated that they had not encrypted any of LCMH’s files, but had just exfiltrated them. They also informed DataBreaches that in addition to emailing LCMH, they had called them on the phone. Multiple inquiries sent to LCMH executives during the last week of October by DataBreaches received no reply. On November 15, Hive provided DataBreaches with an email chain between Hive and LCMH and added LCMH to their dedicated leak site. Hive’s leak site notice did not provide any proof pack yesterday, but did start leaking data publicly today.”

Hive Starts Dumping Patient and Employee Data from Baton Rouge General Health System, East Baton Rouge Parish

Breach Type – Unknown, Ransomware

Data Breaches
August 25th, 2022

"On Tuesday, Hive added the health center to their dedicated leak site, claiming that they encrypted Baton Rouge General on June 29. They dumped a lot of personal and protected health information to support their claims of having exfiltrated data."
"The data are not from just the medical center, however, but appear to include files from the larger health system, which may be why on some date unknown to DataBreaches, but after July 15, Baton Rouge General Health System posted an incident notice on its website."
"Bell said the county does have protocols in place in case of a cyber-attack, which were followed Wednesday morning.”
"On June 28, 2022, GHS became aware of suspicious activity related to certain GHS computer systems. GHS immediately launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the activity."

Baton Rouge General Responds to Cyber Attack, East Baton Rouge Parish

Breach Type – Unknown, Malware

WAFB 9 NEWS
June 29th, 2022

“BRG is working through the effects of a cyber attack that began Tuesday.”
“First, and most importantly, the attack has not changed our ability to care for patients. We are continuing to provide patient care at all locations.”
“The only thing that’s a little different today (Wednesday, June 29) is that we’re temporarily charting the old-fashioned way – on paper – until we can safely bring our electronic medical record and other patient systems back online.”
“We are working closely with federal and state officials as well as our security vendors to ensure our patient data remains secure.”

Pan American Life, Orleans Parish

Breach Type – Hacking, Data Breach

Nola
March 11th, 2021

Pan Am Health shut down systems in March 2021 in response to discovering patient data had been compromised
Company will be contacting potentially affected individuals directly
The company will also be offering "additional services" to those who have been impacted

LSU Health New Orleans, Orleans Parish

Breach Type – Phishing, Data Breach

KADN
November 20th, 2020

The health systems became aware of a bad actor gaining access to an employees email inbox
Bad actors seemed to gain access in September prompting a response in the same month
It is believed that the bad actors did not gain access to any sensitive information

Our Lady of the Lake Regional Medical Center (OLOL Foundation), East Baton Rouge Parish

Breach Type – Unknown, Ransomware

The Advocate
August 21st, 2020

The OLOL database was compromised following a ransomware attack on the organization
In a public statement the foundations president stated that their software Blackbaud had announced it was attacked
In an attempt to protect all the customer’s data Blackbaud paid the bad actors ransom demands

Baton Rouge Clinic, East Baton Rouge Parish

Breach Type - Unknown, Malware

BR Proud
July 11th, 2020

The clinic made a public release regarding a recent hack that impacted services
All services are currently available and will be in foreseen future
Restoration efforts were being made as phone services remained offline

Magnolia Pediatrics, Ascension Parish

Breach Type – Other, Ransomware

The Advocate
October 10th, 2019

Pediatric center in Louisiana victim of ransomware cyberattack
FBI investigated attack, center officials advised families register fraud alerts with credit bureau
Officials believed no information had been taken during the attack

Imperial Health, Calcasieu Parish

Breach Type – Unknown, Ransomware

HIPAA Journal
August 2nd, 2019

111,000 patients of health center likely had personal information compromised
Bad actors downloaded ransomware onto health center network, encrypted files
No evidence of data breach, however impossible to rule out according to officials

Louisiana Health Cooperative Inc. & Rehabilitation

Breach Type - Ransomware

HealthIT Security
December 15th, 2016

Louisiana Health indirectly victimized by ransomware infection of SummitRe
Though investigation is ongoing, no evidence has surfaced of patient data misuse
8,000 individuals could be affected by the breach

Summit Reinsurance Services, Inc.

Breach Type - Ransomware

My LAHC
October 24th, 2016

SummitRe notifies patients of ransomware attack
Hackers encrypted one of its servers containing sensitive client info
SummitRe did not find evidence of access/misuse of information

Education

Ransomware Gang Says It Leaked Data from Xavier University Students, Staff, Orleans Parish

Breach Type – Unknown, Ransomware

GovTech.com
January 2, 2023

”A ransomware gang with international reach is claiming that it leaked sensitive personal data belonging to Xavier University students and employees, apparently after university officials refused to meet their demands."
"Vice Society, which is known for targeting school systems and higher education institutions, made that claim around Dec. 20. The breach occurred on Nov. 22, according to Xavier President Reynold Verret's email to the university community on Dec. 22. Xavier officials declined comment about the alleged leak."
”The breach took place around Dec. 23, officials said. “It is not clear how many people were affected in the Xavier attack, what information might have been leaked, or what university officials know about the extent of the theft. Verret's email last week said the university was "in the process of identifying and notifying anyone who may have been affected.” School officials for now recommend students and staff change their passwords and report any unusual activity.”

Avoyelles Parish School District, Avoyelles Parish

Breach Type – Unknown, Ransomware

KALB
October 1, 2020

Cyber attack was able to render network systems off-line prompting investigations
Public officials noted that a ransom was requested but officials quickly contacted state police
It is believed that systems will be returned to normalcy but it is unknown when systems will be functional again

Morris Jeff Community School, Orleans Parish

Breach Type – Unknown, Malware

WWL
August 1st, 2019

School district was victim of malware cyberattack
IT personnel disabled district's network to mitigate potential damage
Officials believed student information had not been accessed

Jefferson Parish Schools, Jefferson Parish

Breach Type – Unknown, Data Breach

The New Orleans Advocate
August 18th, 2020

Nearly 42,000 text messages were sent to student families
Text messages contained student logon information
Officials believed student's personal information remained intact

ITI Technical College, East Baton Rouge Parish

Breach Type – Unknown, Ransomware

The Advocate
February 4th, 2020

Communications crippled in ransomware hit on college
College forced to use only paper during cyberattack
School database encrypted, held for ransom by bad actors

St. Landry Parish School System, St. Landry Parish

Breach Type – Unknown, Malware

KLFY
January 16th, 2020

Staff discovered cyberattack and took school network offline
Email and other services remained down after the attack
Officials stated that safeguards likely mitigated damage

Baton Rouge Community College, East Baton Rouge Parish

Breach Type – Unknown, Ransomware

Gov Tech
December 12th, 2019

Louisiana State Police investigated ransomware cyberattack against college
Officials disabled all servers while they checked for any damage
State and college officials assisted by National Guard

Tangipahoa Parish School System, Tangipahoa Parish

Breach Type – Unknown, Malware

Security Magazine
July 29th, 2019

School hit with malware cyber attack, e-mail and phone lines down
School superintendent advises that their office is on heightened alert
Tangipahoa Parish school IT department disabled IP phones to mitigate spread

Sabine Parish School District, Sabine Parish

Breach Type – Unknown, Malware

Data Breaches
July 25th, 2019

Sabine Parish School District hit with malware attack
School systems were impacted, district sought state aid

ArkLaTex
July 30th, 2019

School officials believed no student or staff information was compromised
Officials stated that the attack was still undergoing investigation
School board advised that Sabine Parish was not the only district attacked

Monroe City School District, Ouachita Parish

Breach Type - Unknown, Malware

KNOE
July 16th, 2019

The school district’s systems were shut down due to a virus attack
Some concerns were shared over this attack being a ransomware attack but no evidence points to it being a ransomware attack
In order to conserve and promote investigations, the servers were individually shut down and analyzed to isolate the incident

Caddo Parish School Board, Caddo Parish

Breach Type - Phishing, Other

KSLA
January 19th, 2019

Schools lost nearly 1 Million in a phishing scheme
Hackers posed as an employee with a spoofed email
School was directed to send nearly a million dollars to false accounts
Authorities attempting to trace and recover the money
Schools have added new safeguards and software

Iberia and St. Martin Parish School Board Websites

Breach Type - Hack

KATC
November 6th, 2017

Websites hacked to display pro-ISIS propaganda
Hackers could not access personal information
Webpages shut down to restore host website

Louisiana Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in
9-1-1 Cyber News?

Follow Us!

Louisiana Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in9-1-1 Cyber News?

Follow Us!

Want the latest in
9-1-1 Cyber News?