Missouri Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Missouri.jpg
 

Public Safety

City of Springfield & Berkeley City Hall and Police Headquarters, St. Louis County

Breach Type - Hacking, Malware

Fox 2 Now

  • Berkeley City Hall and Police Headquarters offline due to hack
  • Berkeley police officers cannot issue police reports or crash reports and cannot process payments or bonds at this time
  • Investigation is ongoing
Read More

 
Marion County Jail and Law Enforcement Center, Marion Co.

Breach Type - Other, Malware

Hannibal Courier-Post

  • Virus wiped out everything stored in jail’s Lawman Records Management System
  • Jail inmate photos among the data lost
  • Sheriff reverted to simpler record-keeping system, utilizing typewriters for reports
Read More
Hannibal Courier-Post

  • Computer device used for at-home work, compromised and introduced malware to Marion system
  • Most data recovered, and Sheriff remains confident the remaining data will be restored
  • Officer’s reports, filed through the cyber-attack, had to be redone
  • Cost of repairing entire system will take several thousand dollars from jail’s computer budget
Read More

 
City of Springfield & Springfield Police, Greene County

Breach Type - Other/Computer Servers Down

Ozarks First

  • Servers that authenticate employee usernames and passwords are down
  • 911 officers hand-writing reports in the field
  • Backup paper processes used
  • Microsoft treating issue as a critical outage
Read More

 
Kansas City Police Department - Jackson Co., Clay Co., Cass Co., & Platte Co.

Breach Type - Other/Server Shut Down

KSHB 41

  • Computers shut down unexpectedly at Kansas City Police Department
  • Dispatchers and Patrol officers temporarily without some equipment
  • Backup server kicked in & calls could be answered
  • Officers manually wrote up reports as precaution
Read More

 
Camden Co. Sheriff's Department

Breach Type - Hack

ABC 17 News

  • Cyber-attack hits agency's network
  • IT department working to remediate situation
  • Announced via Facebook that a hack infiltrated system
Read More

 
Warren County Sheriff's Department

Breach Type - Ransomware

The Daily Dot

  • Advanced malware causes sensitive data to transfer to hackers
  • Hackers expose confidential information online
  • Remains unclear if ransom was paid
Read More

 
BACK TO TOP

Local Government

Joplin City Phone Service Restored After Cyber Attack

Breach Type – Unknown, Malware

GovTech.com

  • “The Joplin Police Department notified the Globe on Wednesday morning that its computers were down and the newspaper would not be able to access crime reports.”
  • “Municipal court was forced to cease operations for the day due to a resulting inability to conduct case work.”
  • "Other city services affected by the issue: Online payments for trash and sewer bills or court fines could not be made. Payments for most departments require cash or check, card payments not accepted by many departments. The health department conducting limited investigations for communicable diseases. Limited basis services for temporary Medicaid applications, vital records, animal control dispatch and some vaccinations. COVID-19 vaccinations will still be available. Help with emergency situations, such as dog bites, should be sought through 911.”
  • “Public transportation services are affected”
Read More

 
City of Joplin, Jasper County

Breach Type – Unknown, Malware

Joplin Globe

  • "Telephone service has been restored to city of Joplin offices and departments after being disrupted in an early Wednesday cybersecurity intrusion."
  • "The attack disabled many of the city government’s computerized and online operations, including its internet telephone service."
  • "A City Hall statement on Thursday said that the systems affected had been isolated and the incident reported to law enforcement. City officials also consulted a cybersecurity firm to investigate the intrusion."
  • “This incident has not impacted our ability to provide police, fire or emergency services to our community.”
Read More

 
City of Independence, Jackson County

Breach Type – Unknown, Ransomware

KMBC

  • Numerous services taken out in cyberattack hit
  • Bad actors utilized ransomware to disable systems
  • IT and third-party professionals assisted with investigation
Read More

 
St. Louis County Website, St. Louis County

Breach Type – Hacking, Other

STL Today

  • County disabled its website to mitigate cyberattack
  • Officials believed that sensitive data remained intact
  • IT personnel discovered that bad actors originated in China
Read More

 
St. Genevieve County Government, St. Genevieve County

Breach Type – Unknown, Malware

Ste. Genevieve Herald

  • Officials publicly released statements concerning a malicious cyber attack that impacted several courthouses
  • It is unknown if any sensitive information was accessed potentially exposing taxpayers or employee information
  • Once the attack was discovered actions were immediately taken in a preventative manner
Read More

 
Camden County Government Systems, Camden County

Breach Type – Unknown, Malware

Lake Expo

  • County IT personnel forced to hire third-party vendor for assistance
  • Officials believed personal and financial information remained safe
  • Federal law enforcement was notified of the cyberattack
Read More

 
Grundy County Courthouse, Grundy County

Breach Type - Unknown, Malware

KTTN

  • County clerk among several county offices hit in cyberattack
  • Courthouse remained without computer access
  • Police and prosecutor's office remained unaffected
Read More

 
City of Cape Girardeau, Cape Girardeau County

Breach Type – Unknown, Malware

KFVS12

  • Missouri city hit with malware cyberattack
  • Officials were able to get some data back
  • Citizens left unable to pay bills online or in person
Read More

 
Saline County Courthouse, Marshall County

Breach Type – Unknown, Ransomware

Marshall News

  • It took almost a week to restore servers within the courthouse to nominal status following a virus
  • Staff worked over the weekend to restore their systems and fully clear the virus
  • Some PC's were still down at the time of the report but the ransomware had almost been fully removed allowing for work to continue
Read More

 
CIty of Ashland, Boone County

Breach Type – Unknown, Ransomware

KOMU

  • A cyber hack denied officials from accessing the networks and data within
  • The city is worried about what kind of information was exposed and whether it will impact all files
  • Investigations continued as the city still didn't have access to its internal files and extent of damage is unknown
Read More

 
State Government Offices of Missouri

Phishing, Other

Spam Fighter

  • Hackers accessed an email system exposing thousands of state employees
  • Emails were sent to those potentially exposed stating the campaign was still in progress
  • Detection system was unable to block all emails but eventually the attack subsided
Read More

 
City of Washington

Breach Type - Ransomware

eMissourian

  • Victim of ransomware attack that knocked network offline
  • City spent more than $416,000 in fees to a cyber security company
  • Company aimed to expedite process of replacing network and equipment
Read More

 
St. Louis Public Library

Breach Type - Ransomware

Data Breaches

  • Hackers demand $35,000 in bitcoin
  • Library will refuse ransom
  • Entire computer system will be wiped and rebooted
Read More

 
Platt County

Breach Type - Phishing

David Dyer Max Blog

  • Treasurer of Platt County received email from Commissioner, asking to transfer funds
  • Transfer was requested to go to an out of state consultant
  • Treasurer transferred funds without proper verification
  • County lost $48,000 as a result
Read More

 
BACK TO TOP

Medical

Missouri Delta Medical Center silent about patient data dump and claimed ransomware attack, Westchester County

Breach Type – Hacking, Ransomware

DataBreaches.net

  • "Missouri Delta Medical Center (MDMC) might also be dealing with a ransomware attack by Hive threat actors. So far, however, MDMC has been tight-lipped about the claimed attack and has not responded to inquiries asking them to confirm or deny the claim."
  • "Hive claimed that they encrypted MDMC’s files on August 23. They also claim that they had exfiltrated 95000 Patient FULL INFO (NAME/SURNAME/DOB/SSN/ADDRESS/PHONE NO./ZIP/SEX/RACE/NEXT OF KIN/FULL MEDICAL DIAGNOSIS) + 400GB of Files from [Redacted by DataBreaches.net] including Patient and Employee data + Financial"
  • "…there are files that appear to be patient files with MDMC’s name and logo all over them."
  • "There is still no response from MDMC and no statement on their web site to alert patients to any possible data security incident."
Read More

 
MO: Rockwood School District Provides Notice of Ransomware Incident, St. Louis County

Breach Type – Unknown, Ransomware

DataBreaches.net

  • "Rockwood School District today is providing information about a recent event that may impact the privacy of some personal data related to current and former employees and students."
  • “On June 17, 2021, the District discovered that certain computer systems in its network had been infected with malware which prevented access to certain files on those systems."
  • “The information contained within the files at issue varied by individual but contained names, addresses, Social Security number, date of birth, financial account information, District employee identification number, MOSIS identification number, and/or student records. The District does not have any evidence that information was subject to actual or attempted misuse."
Read More

 
Perry County Memorial Hospital, Perry County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Bad actor accessed employee email accounts without authorization
  • Healthcare provider worked with external third-party IT vendors to assist
  • Patient names, dates of birth, and other private medical information was likely leaked
Read More

 
Saint Luke's Health System, Wyandotte County

Breach Type – Unknown, Data Breach

Beckers Hospital Review

  • The blackbaud breach had no sensitive information exposed
  • Many different systems were exposed in the Blackbaud breach
  • Exposure is forcing medical systems to notify patients and donors about breach
Read More

 
MU Health Care, Boone County

Breach Type – Phishing, Data Breach

Columbia Missourian

  • Healthcare center forced to offer credit monitoring services following data breach
  • Bad actors used third party software to breach security during cyberattack
  • Names, birthdates, medical record information among likely accessed files
Read More

 
MU Health Care, Boone County

Breach Type – Phishing, Data Breach

Columbia Missourian

  • A data breach has been reported last fall concerning the MU Health care patient information
  • There is no known indication of misuse of exposed sensitive information however monitoring services are still being provided
  • A third party login system was used giving bad actors full access to MU student accounts
Read More

 
BJC HealthCare, St. Louis City

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Three employee emails were showing suspicious activity so an investigation was sparked
  • Investigations weren't able to determine if sensitive information was accessed while the account was compromised
  • Some information was potentially exposed with social securities and other patient information
Read More

 
Betty Jean Kerr People's Health Center, St. Louis

Breach Type – Unknown, Ransomware

KSDK

  • Health center was victim of ransomware cyberattack
  • Roughly 150,000 individuals likely affected
  • Officials refused to pay ransom after files were locked
Read More

 
Truman Medical Center, Jackson County

Breach Type – Unknown, Ransomware

KCTV5

  • Truman Medical Center victim of ransomware attack, patient care unaffected
  • IT advised that patient personal information was not compromised
  • Officials negotiated with attackers, paid ransom to perpetrators via insurance
Read More

 
Choice Rehabilitation, St. Louis County

Breach Type - Phishing, Data Breach

St. Louis Today

  • A corporate email account was compromised
  • Private emails were forwarded to a personal account
  • Emails included sensitive financial and medical information
  • It is suspected there is a low probability of risk or harm
Read More

 
Blue Springs Family Care, Jackson Co.

Breach Type - Hacking, Ransomware

Data Breaches

  • Ransomware infected systems at Blue Springs Family Care
  • 44,979 patients notified about potential data breach
  • Blue Springs Family Care found multiple malware forms on system
Read More
KCUR

  • Blue Springs refused to pay a ransom to threat actors
  • Systems were restored from backups
Read More

 
Cass Regional Medical Center, Cass County

Breach Type - Ransomware

41 KSHB Kansas City

  • Cass Regional Medical Center diverted patients from hospital during malware attack
  • Ransomware compromised internal communications systems and EHR systems
  • Working with law enforcement and cyber security officials to stop cyber attack
Read More

 
Children's Mercy Hospital, Jackson County

Breach Type - Phishing/Data Breach

Kansas City

  • Spear phishing scheme targeted Children's Mercy Hospital employees
  • Employees entered hospital credentials into malicious webpage
  • More than 60,000 individuals potentially affected in resulting data breach
Read More

 
Black River Medical Center, Butler Co.

Breach Type - Phishing

Data Breaches

  • Black River Medical Center discovered phishing activity on its system
  • No evidence surfaced of accessed or misused patient PHI
  • Financial information & Social Security numbers unaffected
Read More

 
Namaste Health Care

Breach Type - Ransomware

Data Breaches

  • Hackers gained remote access to Namaste's server & installed ransomware virus
  • Namaste took steps to protect patient data, ultimately deciding to pay ransom
  • Notified 1,600 patients of incident
Read More

 
Burrell Behavioral Health

Breach Type - Hack

Data Breaches

  • Hackers gain access to employee email account
  • Forensic investigation could not determine if patient data accessed/misused
  • Offering free credit monitoring and identity restoration services
Read More

 
BACK TO TOP

Education

Affton School District, St. Louis County

Breach Type – Unknown, Ransomware

Data Breaches

  • A total of 1,183 people had their data dumped by threat actors after a ransomware attack
  • Names and SSNs were compromised, among other things
  • The district is offering credit monitoring, fraud consultation, and identity theft restoration services
Read More

 
Park Hills School District, Platte County

Breach Type – Unknown, Malware

KSHB Kansas City

  • Park Hills School District was forced to cancel classes Monday, March 22, 2021
  • An investigation by national experts is now ongoing
  • The district did have safety systems in place to protect student data
Read More

 
West County School District, St. Francois County

Breach Type – Unknown, Data Breach

Daily Journal Online

  • School district announced that it was potentially a victim of cyberattack last year
  • Officials stated that cases of identity theft had not yet occurred
  • Attack was ultimately assigned to third-party IT professionals for investigation
Read More

 
University of Missouri, Boone County and Phelps County

Breach Type – Unknown, Data Breach

Linn County Leader

  • Donors for the University of Missouri were affected in large scale Blackbaud attack
  • Hackers were able to gain access to personal data stored on the cloud based services
  • Payment information was not collected but personal information including addresses, dates of birth, and more were collected
Read More

 
Metropolitan Community College of Kansas City, Wyandotte County

Breach Type – Unknown, Ransomware

KCTV News 5

  • College officials announced data had been encrypted following cyberattack
  • Bad actors utilized ransomware in their hit against the college
  • Names, Social Security numbers, drivers license numbers, and more were among leaked information
Read More

 
Three Rivers College, Butler County

Breach Type – Unknown, Ransomware

Darnews

  • College forced to cease operations following cyberattack
  • School IT, third-party firm, and federal law enforcement investigated
  • Officials believed data was not lost thanks to insurance coverage
Read More

 
St. Louis Community College, St. Louis

Breach Type – Phishing, Data Breach

KSDK

  • Bad actors used phishing in cyberattack against college
  • Compromised accounts secured quickly
  • Over 5,000 people's private information was exposed
Read More

 
Ava School District, Douglas County

Breach Type – Unknown, Ransomware

KY3

  • School district victim of ransomware cyber attack, printers hacked and printed notes demanding money
  • Officials confirmed personal and student information was not compromised in attack
  • School officials discovered various potential weak points in their security, corrected where possible
Read More

 
Missouri Southern State University, Jasper County

Breach Type - Phishing, Data Breach

Document Cloud

  • The university fell victim to a phishing scam that was able to copy all information on an employee’s Office 365 Account
  • Several methods to stop the spread were taken as an IT investigation firm was consulted taking steps in further prevention
  • All the accounts that were exposed mainly contained sensitive information suck as social security, full names, dates of birth and more
Read More

 
Odessa School District

Breach Type - Phishing

Data Breaches

  • Odessa School District falls victim to spear-phishing scheme
  • Hackers posed as district superintendent
  • Employee sent W-2 information exposing employees' private information
  • Odessa one of 8 districts targeted in Missouri phishing scheme
  • Superintendent alerted staff to monitor their financial information
Read More

 
Trenton R-9 District

Breach Type - Phishing

Trenton Republican Times

  • Trenton District hit with spear phishing scheme
  • Employee exposed W-2 information to hackers
  • All 2016 Trenton District Employees potentially affected
Read More

 
Independence School District

Breach Type - Phishing

KCUR

  • Independence School District falls victim to phishing scam
  • Hackers stole private & financial data of district employees
  • Fraudulent income tax returns filed by bad actors
  • District instructed employees to file independently if they received a notice from the IRS
  • District has taken further steps to prevent future attacks
Read More

 
Washington University School of Medicine

Breach Type - Phishing

JD Supra

  • During Knox County elections, hackers launch DDoSEmployee fell victim to phishing scheme
  • Hacker accessed the infected email accounts
  • Gained access to private information on 80,000 patients
  • University discovered breach one month after its occurrence
Read More

 
BACK TO TOP