Missouri Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Missouri.jpg
 

Public Safety

Belton Police Department victim of malware attack, Cass County

Breach Type - Unknown, Malware

Fox 4
May 6th, 2022
  • "The Belton Police Department said it’s been a victim of a malware attack and the attack impacted some office computers systems."
  • "The attack prevented the department from accessing files stored on some network computers."
  • “We immediately isolated and disconnected those systems from the network as a precaution, notified the FBI and launched an investigation with the assistance of a forensic firm.”
  • “If any individual’s personal information is identified through the investigation, we will provide notice and identity monitoring service to those individuals in accordance with applicable law.”
Read More

 
City of Springfield & Berkeley City Hall and Police Headquarters, St. Louis County

Breach Type - Hacking, Malware

Fox 2 Now
April 13th, 2021
  • Berkeley City Hall and Police Headquarters offline due to hack
  • Berkeley police officers cannot issue police reports or crash reports and cannot process payments or bonds at this time
  • Investigation is ongoing
Read More

 
Marion County Jail and Law Enforcement Center, Marion Co.

Breach Type - Other, Malware

Hannibal Courier-Post
October 2nd, 2018
  • Virus wiped out everything stored in jail’s Lawman Records Management System
  • Jail inmate photos among the data lost
  • Sheriff reverted to simpler record-keeping system, utilizing typewriters for reports
Read More
Hannibal Courier-Post
October 3rd, 2018
  • Computer device used for at-home work, compromised and introduced malware to Marion system
  • Most data recovered, and Sheriff remains confident the remaining data will be restored
  • Officer’s reports, filed through the cyber-attack, had to be redone
  • Cost of repairing entire system will take several thousand dollars from jail’s computer budget
Read More

 
City of Springfield & Springfield Police, Greene County

Breach Type - Other/Computer Servers Down

Ozarks First
July 30th, 2018
  • Servers that authenticate employee usernames and passwords are down
  • 911 officers hand-writing reports in the field
  • Backup paper processes used
  • Microsoft treating issue as a critical outage
Read More

 
Kansas City Police Department - Jackson Co., Clay Co., Cass Co., & Platte Co.

Breach Type - Other/Server Shut Down

KSHB 41
June 1st, 2018
  • Computers shut down unexpectedly at Kansas City Police Department
  • Dispatchers and Patrol officers temporarily without some equipment
  • Backup server kicked in & calls could be answered
  • Officers manually wrote up reports as precaution
Read More

 
Camden Co. Sheriff's Department

Breach Type - Hack

ABC 17 News
November 29th, 2017
  • Cyber-attack hits agency's network
  • IT department working to remediate situation
  • Announced via Facebook that a hack infiltrated system
Read More

 
Warren County Sheriff's Department

Breach Type - Ransomware

The Daily Dot
March 16th, 2017
  • Advanced malware causes sensitive data to transfer to hackers
  • Hackers expose confidential information online
  • Remains unclear if ransom was paid
Read More

 
BACK TO TOP

Local Government

Joplin City Phone Service Restored After Cyber Attack

Breach Type – Unknown, Malware

GovTech.com
July 29th, 2021
  • “The Joplin Police Department notified the Globe on Wednesday morning that its computers were down and the newspaper would not be able to access crime reports.”
  • “Municipal court was forced to cease operations for the day due to a resulting inability to conduct case work.”
  • "Other city services affected by the issue: Online payments for trash and sewer bills or court fines could not be made. Payments for most departments require cash or check, card payments not accepted by many departments. The health department conducting limited investigations for communicable diseases. Limited basis services for temporary Medicaid applications, vital records, animal control dispatch and some vaccinations. COVID-19 vaccinations will still be available. Help with emergency situations, such as dog bites, should be sought through 911.”
  • “Public transportation services are affected”
Read More

 
City of Joplin, Jasper County

Breach Type – Unknown, Malware

Joplin Globe
July 9th, 2021
  • "Telephone service has been restored to city of Joplin offices and departments after being disrupted in an early Wednesday cybersecurity intrusion."
  • "The attack disabled many of the city government’s computerized and online operations, including its internet telephone service."
  • "A City Hall statement on Thursday said that the systems affected had been isolated and the incident reported to law enforcement. City officials also consulted a cybersecurity firm to investigate the intrusion."
  • “This incident has not impacted our ability to provide police, fire or emergency services to our community.”
Read More

 
City of Independence, Jackson County

Breach Type – Unknown, Ransomware

KMBC
December 7th, 2020
  • Numerous services taken out in cyberattack hit
  • Bad actors utilized ransomware to disable systems
  • IT and third-party professionals assisted with investigation
Read More

 
St. Louis County Website, St. Louis County

Breach Type – Hacking, Other

STL Today
September 10th, 2020
  • County disabled its website to mitigate cyberattack
  • Officials believed that sensitive data remained intact
  • IT personnel discovered that bad actors originated in China
Read More

 
St. Genevieve County Government, St. Genevieve County

Breach Type – Unknown, Malware

Ste. Genevieve Herald
June 9th, 2020
  • Officials publicly released statements concerning a malicious cyber attack that impacted several courthouses
  • It is unknown if any sensitive information was accessed potentially exposing taxpayers or employee information
  • Once the attack was discovered actions were immediately taken in a preventative manner
Read More

 
Camden County Government Systems, Camden County

Breach Type – Unknown, Malware

Lake Expo
April 15th, 2020
  • County IT personnel forced to hire third-party vendor for assistance
  • Officials believed personal and financial information remained safe
  • Federal law enforcement was notified of the cyberattack
Read More

 
Grundy County Courthouse, Grundy County

Breach Type - Unknown, Malware

KTTN
February 9th, 2020
  • County clerk among several county offices hit in cyberattack
  • Courthouse remained without computer access
  • Police and prosecutor's office remained unaffected
Read More

 
City of Cape Girardeau, Cape Girardeau County

Breach Type – Unknown, Malware

KFVS12
January 23rd, 2020
  • Missouri city hit with malware cyberattack
  • Officials were able to get some data back
  • Citizens left unable to pay bills online or in person
Read More

 
Saline County Courthouse, Marshall County

Breach Type – Unknown, Ransomware

Marshall News
September 5th, 2019
  • It took almost a week to restore servers within the courthouse to nominal status following a virus
  • Staff worked over the weekend to restore their systems and fully clear the virus
  • Some PC's were still down at the time of the report but the ransomware had almost been fully removed allowing for work to continue
Read More

 
CIty of Ashland, Boone County

Breach Type – Unknown, Ransomware

KOMU
August 29th, 2019
  • A cyber hack denied officials from accessing the networks and data within
  • The city is worried about what kind of information was exposed and whether it will impact all files
  • Investigations continued as the city still didn't have access to its internal files and extent of damage is unknown
Read More

 
State Government Offices of Missouri

Phishing, Other

Spam Fighter
February 18th, 2019
  • Hackers accessed an email system exposing thousands of state employees
  • Emails were sent to those potentially exposed stating the campaign was still in progress
  • Detection system was unable to block all emails but eventually the attack subsided
Read More

 
City of Washington

Breach Type - Ransomware

eMissourian
January 3rd, 2018
  • Victim of ransomware attack that knocked network offline
  • City spent more than $416,000 in fees to a cyber security company
  • Company aimed to expedite process of replacing network and equipment
Read More

 
St. Louis Public Library

Breach Type - Ransomware

Data Breaches
January 20th, 2017
  • Hackers demand $35,000 in bitcoin
  • Library will refuse ransom
  • Entire computer system will be wiped and rebooted
Read More

 
Platt County

Breach Type - Phishing

David Dyer Max Blog
October 4th, 2016
  • Treasurer of Platt County received email from Commissioner, asking to transfer funds
  • Transfer was requested to go to an out of state consultant
  • Treasurer transferred funds without proper verification
  • County lost $48,000 as a result
Read More

 
BACK TO TOP

Medical

Tague Family Practice patient records stolen and hacked, St. Lewis County

Breach Type – Unknown, Ransomware

Data Breaches
April 6, 2022
  • "On March 17, the threat actors added TFP to their leak site. More recently, they dumped data that certainly appears to be from the practice."
  • "The files pretty much all contained personal and protected health information, and much of it was sensitive."
  • “Personal information on employees was also included"
  • "DataBreaches.net does not know how many patients had their data accessed and/or acquired."
Read More

 
Capital Region reaching out to patients about cyberattack, Cole County

Breach Type – Unknown, Ransomware

Data Breaches
March 12th, 2022
  • "The Capital Region Medical Center in Missouri has started notifying patients whose protected health information (PHI) was accessed during a ransomware incident in December, 2021 that left their phone systems and network down for several days."
  • "The types of PHI that may have been accessible include: first and last name, date of birth, full mailing address, medical information, and health insurance information. For some patients, Social Security numbers, driver’s license numbers and financial account information may have been accessed."
  • "The notice does not indicate whether CRMC knows with any confidence whether any files were exfiltrated and/or leaked on the internet."
Read More

 
Missouri Delta Medical Center silent about patient data dump and claimed ransomware attack, Westchester County

Breach Type – Hacking, Ransomware

DataBreaches.net
September 12th, 2021
  • "Missouri Delta Medical Center (MDMC) might also be dealing with a ransomware attack by Hive threat actors. So far, however, MDMC has been tight-lipped about the claimed attack and has not responded to inquiries asking them to confirm or deny the claim."
  • "Hive claimed that they encrypted MDMC’s files on August 23. They also claim that they had exfiltrated 95000 Patient FULL INFO (NAME/SURNAME/DOB/SSN/ADDRESS/PHONE NO./ZIP/SEX/RACE/NEXT OF KIN/FULL MEDICAL DIAGNOSIS) + 400GB of Files from [Redacted by DataBreaches.net] including Patient and Employee data + Financial"
  • "…there are files that appear to be patient files with MDMC’s name and logo all over them."
  • "There is still no response from MDMC and no statement on their web site to alert patients to any possible data security incident."
Read More

 
MO: Rockwood School District Provides Notice of Ransomware Incident, St. Louis County

Breach Type – Unknown, Ransomware

DataBreaches.net
August 20th, 2021
  • "Rockwood School District today is providing information about a recent event that may impact the privacy of some personal data related to current and former employees and students."
  • “On June 17, 2021, the District discovered that certain computer systems in its network had been infected with malware which prevented access to certain files on those systems."
  • “The information contained within the files at issue varied by individual but contained names, addresses, Social Security number, date of birth, financial account information, District employee identification number, MOSIS identification number, and/or student records. The District does not have any evidence that information was subject to actual or attempted misuse."
Read More

 
Perry County Memorial Hospital, Perry County

Breach Type – Hacking, Data Breach

Becker's Hospital Review
October 30th, 2020
  • Bad actor accessed employee email accounts without authorization
  • Healthcare provider worked with external third-party IT vendors to assist
  • Patient names, dates of birth, and other private medical information was likely leaked
Read More

 
Saint Luke's Health System, Wyandotte County

Breach Type – Unknown, Data Breach

Beckers Hospital Review
September 15th, 2020
  • The blackbaud breach had no sensitive information exposed
  • Many different systems were exposed in the Blackbaud breach
  • Exposure is forcing medical systems to notify patients and donors about breach
Read More

 
MU Health Care, Boone County

Breach Type – Phishing, Data Breach

Columbia Missourian
June 11th, 2020
  • Healthcare center forced to offer credit monitoring services following data breach
  • Bad actors used third party software to breach security during cyberattack
  • Names, birthdates, medical record information among likely accessed files
Read More

 
MU Health Care, Boone County

Breach Type – Phishing, Data Breach

Columbia Missourian
June 11th, 2020
  • A data breach has been reported last fall concerning the MU Health care patient information
  • There is no known indication of misuse of exposed sensitive information however monitoring services are still being provided
  • A third party login system was used giving bad actors full access to MU student accounts
Read More

 
BJC HealthCare, St. Louis City

Breach Type – Hacking, Data Breach

Becker's Hospital Review
May 6th, 2020
  • Three employee emails were showing suspicious activity so an investigation was sparked
  • Investigations weren't able to determine if sensitive information was accessed while the account was compromised
  • Some information was potentially exposed with social securities and other patient information
Read More

 
Betty Jean Kerr People's Health Center, St. Louis

Breach Type – Unknown, Ransomware

KSDK
October 25th, 2019
  • Health center was victim of ransomware cyberattack
  • Roughly 150,000 individuals likely affected
  • Officials refused to pay ransom after files were locked
Read More

 
Truman Medical Center, Jackson County

Breach Type – Unknown, Ransomware

KCTV5
August 6th, 2019
  • Truman Medical Center victim of ransomware attack, patient care unaffected
  • IT advised that patient personal information was not compromised
  • Officials negotiated with attackers, paid ransom to perpetrators via insurance
Read More

 
Choice Rehabilitation, St. Louis County

Breach Type - Phishing, Data Breach

St. Louis Today
December 31st, 2018
  • A corporate email account was compromised
  • Private emails were forwarded to a personal account
  • Emails included sensitive financial and medical information
  • It is suspected there is a low probability of risk or harm
Read More

 
Blue Springs Family Care, Jackson Co.

Breach Type - Hacking, Ransomware

Data Breaches
July 26th, 2018
  • Ransomware infected systems at Blue Springs Family Care
  • 44,979 patients notified about potential data breach
  • Blue Springs Family Care found multiple malware forms on system
Read More
KCUR
May 3rd, 2021
  • Blue Springs refused to pay a ransom to threat actors
  • Systems were restored from backups
Read More

 
Cass Regional Medical Center, Cass County

Breach Type - Ransomware

41 KSHB Kansas City
July 9th, 2018
  • Cass Regional Medical Center diverted patients from hospital during malware attack
  • Ransomware compromised internal communications systems and EHR systems
  • Working with law enforcement and cyber security officials to stop cyber attack
Read More

 
Children's Mercy Hospital, Jackson County

Breach Type - Phishing/Data Breach

Kansas City
July 3rd, 2018
  • Spear phishing scheme targeted Children's Mercy Hospital employees
  • Employees entered hospital credentials into malicious webpage
  • More than 60,000 individuals potentially affected in resulting data breach
Read More

 
Black River Medical Center, Butler Co.

Breach Type - Phishing

Data Breaches
June 20th, 2018
  • Black River Medical Center discovered phishing activity on its system
  • No evidence surfaced of accessed or misused patient PHI
  • Financial information & Social Security numbers unaffected
Read More

 
Namaste Health Care

Breach Type - Ransomware

Data Breaches
October 15th, 2017
  • Hackers gained remote access to Namaste's server & installed ransomware virus
  • Namaste took steps to protect patient data, ultimately deciding to pay ransom
  • Notified 1,600 patients of incident
Read More

 
Burrell Behavioral Health

Breach Type - Hack

Data Breaches
September 3rd, 2016
  • Hackers gain access to employee email account
  • Forensic investigation could not determine if patient data accessed/misused
  • Offering free credit monitoring and identity restoration services
Read More

 
BACK TO TOP

Education

Ozarks Technical Community College announces it was a victim of cyber fraud, Greene County

Breach Type – Unknown, Other

KY3.com
April 15th, 2022
  • “Ozarks Technical Community College announced it was the victim of a cyber fraud incident that robbed the institution of nearly $900,000 this spring.”
  • “However, there was some good news in the fact that the school’s computer system was not hacked nor was this a case of Ransomware where hackers shut down an entire system until they’re paid money.”
  • “Because the investigation is ongoing, law enforcement agencies have requested that OTC not disclose any details, including which agencies are involved.”
Read More

 
Missouri school district's employee data dumped by ransomware group, Jasper County

Breach Type – Unknown, Ransomware

Data Breaches
January 11th, 2022
  • “Over the past weekend, threat actors known as Vice Society dumped data from Carthage R-9 district in Carthage, Missouri.”
  • “We are experiencing a network outage affecting information technology systems and phone systems, and are working to restore access. On December 14, 2021, our IT staff noticed suspicious activity on the network and immediately implemented our incident response protocols, disconnected network access, and took systems offline to protect our network.”
  • ”We are treating this matter with the highest priority. As part of our response process, we engaged many consultants, including independent forensic specialists, who are working to help us investigate the suspicious activity and resolve the outage. We are committed to completing a detailed analysis of our internal systems and will take all appropriate action in response to its findings.”
  • "When contacted about the incident, a spokesperson for Vice Society informed DataBreaches.net that the attack occurred in the middle of December and the district had not made them a good offer to delete the files. Because they were busy in December, the spokesperson wrote, they did not spend a lot of time looking for good files from the district.”
Read More

 
Affton School District, St. Louis County

Breach Type – Unknown, Ransomware

Data Breaches
April 2nd, 2021
  • A total of 1,183 people had their data dumped by threat actors after a ransomware attack
  • Names and SSNs were compromised, among other things
  • The district is offering credit monitoring, fraud consultation, and identity theft restoration services
Read More

 
Park Hills School District, Platte County

Breach Type – Unknown, Malware

KSHB Kansas City
March 22nd, 2021
  • Park Hills School District was forced to cancel classes Monday, March 22, 2021
  • An investigation by national experts is now ongoing
  • The district did have safety systems in place to protect student data
Read More

 
West County School District, St. Francois County

Breach Type – Unknown, Data Breach

Daily Journal Online
September 14th, 2020
  • School district announced that it was potentially a victim of cyberattack last year
  • Officials stated that cases of identity theft had not yet occurred
  • Attack was ultimately assigned to third-party IT professionals for investigation
Read More

 
University of Missouri, Boone County and Phelps County

Breach Type – Unknown, Data Breach

Linn County Leader
September 5th, 2020
  • Donors for the University of Missouri were affected in large scale Blackbaud attack
  • Hackers were able to gain access to personal data stored on the cloud based services
  • Payment information was not collected but personal information including addresses, dates of birth, and more were collected
Read More

 
Metropolitan Community College of Kansas City, Wyandotte County

Breach Type – Unknown, Ransomware

KCTV News 5
August 12th, 2020
  • College officials announced data had been encrypted following cyberattack
  • Bad actors utilized ransomware in their hit against the college
  • Names, Social Security numbers, drivers license numbers, and more were among leaked information
Read More

 
Three Rivers College, Butler County

Breach Type – Unknown, Ransomware

Darnews
March 14th, 2020
  • College forced to cease operations following cyberattack
  • School IT, third-party firm, and federal law enforcement investigated
  • Officials believed data was not lost thanks to insurance coverage
Read More

 
St. Louis Community College, St. Louis

Breach Type – Phishing, Data Breach

KSDK
February 4th, 2020
  • Bad actors used phishing in cyberattack against college
  • Compromised accounts secured quickly
  • Over 5,000 people's private information was exposed
Read More

 
Ava School District, Douglas County

Breach Type – Unknown, Ransomware

KY3
September 18th, 2019
  • School district victim of ransomware cyber attack, printers hacked and printed notes demanding money
  • Officials confirmed personal and student information was not compromised in attack
  • School officials discovered various potential weak points in their security, corrected where possible
Read More

 
Missouri Southern State University, Jasper County

Breach Type - Phishing, Data Breach

Document Cloud
June 6th, 2019
  • The university fell victim to a phishing scam that was able to copy all information on an employee’s Office 365 Account
  • Several methods to stop the spread were taken as an IT investigation firm was consulted taking steps in further prevention
  • All the accounts that were exposed mainly contained sensitive information suck as social security, full names, dates of birth and more
Read More

 
Odessa School District

Breach Type - Phishing

Data Breaches
January 25th, 2017
  • Odessa School District falls victim to spear-phishing scheme
  • Hackers posed as district superintendent
  • Employee sent W-2 information exposing employees' private information
  • Odessa one of 8 districts targeted in Missouri phishing scheme
  • Superintendent alerted staff to monitor their financial information
Read More

 
Trenton R-9 District

Breach Type - Phishing

Trenton Republican Times
January 3rd, 2017
  • Trenton District hit with spear phishing scheme
  • Employee exposed W-2 information to hackers
  • All 2016 Trenton District Employees potentially affected
Read More

 
Independence School District

Breach Type - Phishing

KCUR
January 20th, 2017
  • Independence School District falls victim to phishing scam
  • Hackers stole private & financial data of district employees
  • Fraudulent income tax returns filed by bad actors
  • District instructed employees to file independently if they received a notice from the IRS
  • District has taken further steps to prevent future attacks
Read More

 
Washington University School of Medicine

Breach Type - Phishing

JD Supra
December 2nd, 2016
  • During Knox County elections, hackers launch DDoSEmployee fell victim to phishing scheme
  • Hacker accessed the infected email accounts
  • Gained access to private information on 80,000 patients
  • University discovered breach one month after its occurrence
Read More

 
BACK TO TOP