Ohio Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Ohio.jpg
 

Public Safety

Westlake Police Department, Cuyahoga County

Breach Type – Unknown, Ransomware

Fox 8

  • Bad actors attacked the Westlake Police Station and deleted records of police dash-cam recordings
  • The ransomware never demanded a payment and instead froze police computers deleting evidence
  • Computer systems were restored and reset prompting the Department to put in protective measures
Read More

 
Butler County Sheriff's Office Computer Network, Butler County

Breach Type – Unknown, Malware

Fox 19

  • Butler County Sheriff released public statement that malware was recently detected on Sheriff's office computer network
  • The automated call system was rendered offline for approximately 10 days from malware
  • Once the malware was discovered investigations were launched to determine scope of damage
Read More
Journal News

  • Cybersecurity consultants are working on investigations and cause of malware infestation on Sheriff's office network
  • All 911 operations were maintained however CAD the dispatch program took the brunt of impact
  • Backups were used as systems were rendered nominal and back to full function
Read More
Journal News

  • Last December, a malware attack disrupted the Computer Aided Dispatch (CAD) system and other parts of the sheriff’s department operations. BCSO Finance Director Vickie Barger told the Journal-News the total cost for equipment, repairs and overtime was $179,416, and the county’s insurance company paid nearly $70,000
  • The breach mainly impacted the CAD system, which meant dispatchers and the crews they were sending to emergencies had to resort to pulling out maps and pens and paper to get the job done and reports generated
  • …There’s a small, small amount that was lost. We’ve been able to work through all the safeguards we’ve put in place,” Dwyer said. “But by no means feel the threats aren’t still out there. You’ve got people trying to hack government sites everyday
Read More

 
Ross County Sheriff's Office ,Ross County

Breach Type – Phishing, Data Breach

Valley Guardian

  • Sheriff’s office victim of recent cyber attack potentially exposing thousands of people
  • Attack was sent through documents in email spreading to entire Sheriff’s office network
  • Information exposed contained payment information, social security numbers, police reports, 9-1-1 calls, and more
Read More

 
City of Akron & Akron 311 system, Summit County

Breach Type – Ransomware

Ohio

  • A cyberattack shut down the 311 system and affected software and hardware systems
  • Five figure sum of money was demanded by hackers
  • City did not respond due to back-ups made of all files
Read More

 
Ohio Valley Medical Center and East Ohio Regional Hospital, Belmont County

Breach Type - Ransomware

WTRF

  • Cyber-attack penetrates Ohio hospital’s second layer of cyber-protection
  • Hospitals placed on yellow diversion
  • EMS services forced to reroute ER patients to other area hospitals as a result
Read More

 
City of Akron & Akron Police Department Websites, Summit County

Breach Type - DDoS/Other

News 5 Cleveland

  • DDoS attacks overwhelm City of Akron & Akron Police Department Websites
  • Hacker took credit on Twitter for attacks, spread propaganda about Akron Police
  • Claimed to work with hacking group known as "Anonymous"
  • Hacker arrested and will stand trial for attacks on various Ohio Public Safety entities
Read More

 
City of Riverside, Riverside Police & Fire records, Montgomery County

Breach Type - Ransomware

Dayton Daily News

  • 2nd virus hits City of Riverside Police & Fire server containing reports
  • Virus erased 8 hours' worth of data
  • It is not known if confidential investigatory data has been exposed to hackers
  • Personal information has not been disseminated
Read More
Bleeping Computer

  • Second virus identified as ransomware
  • U.S. Secret Service Agents leading investigation
  • Have not fully recovered from first or second ransomware attack
Read More
My Dayton Daily News

  • Police chief states that officers could not access digital reports, hand written reports used in field
  • Online gateway impacted in event, gateway could not handle a potential 3rd hit
  • Riverside’s IT contractor stated the data, on the police department network, lacked proper encryption for sensitive information
Read More

 
City of Riverside, Riverside Police & Fire

Breach Type - Ransomware

WHIO TV 7

  • City of Riverside falls victim to ransomware attack
  • Malware infection appeared to be an "email fax"
  • Riverside Police & Fire server lost a year's worth of files
  • City did not pay ransom, recovering data with backups
Read More

 
Mad River Fire TWP. & EMS

Breach Type - Ransomware

Springfield News Sun

  • Fighting ransomware encrypting files containing years' worth of data
  • Hackers asking for thousands of dollars
  • Data does not contain personal information
  • Health and human services have been notified
  • Mad River refusing to pay ransom so far
Read More

 
Wooster-Ashland Police & Fire Departments

Breach Type - Data Breach

WKCY

  • Joint law enforcement dispatch center hacked
  • Police & fire hacked, leaving 200,000+ files compromised
  • Ashland Count dispatch system covered for Wooster-Ashland until systems back online
Read More

 
Licking County 911 Center

Breach Type - Ransomware

10 TV

  • Virus demands payment in bitcoin in exchange for dispatch systems online
  • Dispatchers use notepads
  • Calls coming from landlines cannot be mapped out if user becomes unresponsive
Read More
WFAE

  • Paid ransom to hackers
Read More

 
BACK TO TOP

Local Government

Toledo library computers, network hit in "targeted cybersecurity incident", Lucas County

Breach Type – Unknown, Malware

ABC13 WTVG Action News

  • “Patrons of the Toledo-Lucas County Public Library system may have noticed a problem logging onto public computers this week. Representatives from the library confirmed in a news release Tuesday morning that the library computers were subject to a “targeted cybersecurity incident” that took them offline.”
  • “The library spokesperson did not elaborate on the nature of the incident or when the library’s network would be brought back online but did ensure that they would still welcome patrons to browse their collections, check out materials, and attend library programs.”
  • "The public was first made aware of the issue on Monday morning by a post to the Toledo-Lucas County Public Library social media pages. Tuesday’s release included additional details and noted that library administrators were working with “a team of forensic experts to fully understand the extent and implications of this incident.”
Read More

 
Potential attempted hacking of Milford's water system referred to FBI, Clermont County

Breach Type – Hacking, Other

The Clermont Sun

  • “The hack did corrupt one of the water department desktop computers,”
  • On July 2… the computer system program normally on display had been minimized and observed the mouse pointer on the screen moving. The computer uses a program called Supervisory Control and Data Acquisition (SCADA), which controls the water pumps in the water treatment facility. If the system were to be disabled, the city would only have the water in the tower to provide water for the 7,000 residents of the city until the pumps were back online.”
  • “That SCADA program was minimized and “someone was opening various screens in the operating system of the computer.” … someone was in the process of opening a menu to disconnect the computer from the internet; however, (Department’s supervisor) was able to take control of the mouse and prevent the disconnect.”
Read More

 
Geneva, Ohio Discloses Ransomware Attack, Ashtabula County

Breach Type – Unknown, Ransomware

DataBreaches.net

  • “Early Friday moning, July 16, 2021, the City of Geneva discovered an online breach into the city’s website and online data systems. The City of Geneva’s executive management and information technology department immediately began accessing the city departments that could have exposure,”
  • “Emergency operations reportedly remain up and running and there has been no disruption in emergency services to the city.”
  • “On July 18, threat actors calling themselves AVOSLocker listed Geneva on their dedicated leak site with a message: The city of Geneva, in Ohio, was recently locked by one of our partners. We are waiting for them to contact us. In the mean time, we are releasing a small sample of files that were exfiltrated from their network. Sensitive citizen information such as social security numbers & credit cards were redacted.”
  • “As proof of claims, they uploaded a few screencaps of files that involved criminal charges against one person, a directory of files from a drive, and some tax-related files which, unfortunately, were not fully redacted.”
Read More

 
Malware Takes Down Clark County Network Servers

Breach Type – Unknown, Malware

Springfield News Sun

  • Clark County officials said Friday it is unclear when their network will be fully restored after malware activity caused it to go down. The county reported on Thursday that all of their computer servers where down. However, the 911 system remained working amid the incident
  • County officials said that the investigation does involve criminal activity and that there is no evidence at this time that the county’s information has been compromised as a result of the malware activity
  • They said that includes no evidence so far of a data breach, indicating that the publics’ information is safe and has not been compromised
  • The county had no access to services such as records request, county searches, case number searches, images or dockets related to the Common Pleas Clerk’s Office, according to Clerk of Courts Melissa Tuttle
  • The county still has paper files and people can search for cases that way with a case number, and Title Offices are not affected, Tuttle said
Read More

 
Lucas County Auditor's Office, Lucas County

Breach Type – Phishing, Other

WTOL

  • An employee within the Lucas County Auditor's Office has fallen victim to phishing scam
  • Over $600,000 in taxpayer funds were sent out to bad actor in six month period
  • Precautionary methods are now being put in place including authorization from multiple employees to send out funds
Read More

 
City of Athens, Athens County

Breach Type – Hacking, Data Breach

ABC 6

  • Tax, finance, and payroll system information was accessed following cyberattack
  • Officials discovered a suspicious breach had occurred earlier in the year
  • Third party investigations found no evidence sensitive data was stolen
Read More

 
City of Avon Lake, Lorain County

Breach Type – Phishing, Other

Cleveland.com

  • Fraudulent emails were sent from city servers
  • Phishing was utilized in cyberattack scheme
  • Bad actors attempted to defraud citizenry
Read More

 
Department of Job and Family Services (Pandemic Unemployment Program), State of Ohio

Breach Type – Hacking, TDoS/DDoS

The Blade

  • Bad actors utilized hacking in denial of service cyberattack
  • Officials confirmed the impact was minimum
  • IT personnel were able to respond quickly and mitigate damage
Read More

 
City of Toledo, Lucas County

Breach Type - Phishing, Other

Toledo Blade

  • Bad actors almost stole $200,000 from city
  • Phishing scheme utilized in cyberattack
  • Officials discovered scheme when they spoke with contractor
Read More

 
Lorain County Recorder’s Office, Lorain County

Breach Type – Unknown, Malware

Chroniclet

  • Malware attack forced County Recorder's officials to use pen and paper
  • Officials believed the attack was limited solely to the Recorder's Office
  • Online services were impacted during the cyberattack
Read More
Bleeping Computer

  • Bad actors released 2GB of data out of 32GB total information stolen
  • Ransomware cyberattack affected email and phone services
  • Bad actors confirmed the theft to members of the media
Read More

 
Sandusky County Government Systems, Sandusky County

Breach Type – Unknown, Malware

The News Messenger

  • Sandusky County communications system hit with malware attack
  • IT discovered malware on county computer network
  • Email, jail roster website, other functions were affected in attack
Read More

 
City of Richmond Heights, Cuyahoga County

Breach Type – Unknown, Ransomware

News 5 Cleveland

  • Cyber criminals hit computer in city hall with ransomware which infected the city’s server
  • Only one day after initial discovery, the mayor confirmed all systems were operational again
  • Infiltration method is still not clear, but an investigation is underway
  • City moved quickly to contact and involve local and federal partners
Read More

 
Fayette County Government Systems, Fayette County

Breach Type - Unknown, Ransomware

Record Herald

  • Cyber-security consultants were able to note the suspicious activity coming onto the county network
  • This specific malware was made out to be ransomware, unaffecting their cloud storage
  • Due to efficient backups the government was working to restore its systems from the ground up
Read More

 
Cleveland Hopkins International Airport, Cuyahoga County

Breach Type - Hacking, Other

Fox 8

  • Cleveland Hopkins International Airport hacked by unknown source
  • Monitors showing flight departures and arrivals, as well as email, went down
  • FBI contacted by city and airport official for investigation
Read More
Cleveland

  • Cleveland Hopkins International Airport CIO confirmed ransomware attack
  • Attack did not stop or delay flight schedules or security operations
  • The malware directed the city to respond to an e-mail address, which the city did not do
Read More

 
Stark County Regional Planning Commission, Stark County

Breach Type - Phishing, Malware

Indie Online

  • IT center requested $190,000 to fund a virtual infrastructure
  • Employee had exposed the systems by clicking on a link in an email
  • It took around 6 hours to completely eradicate the virus from the computers
Read More

 
Village of Jefferson, Ashtabula County

Breach Type - Ransomware

Star Beacon

  • Ransomware virus infects Village of Jefferson computer
  • Server shut down, wiped, & information restored through backups
  • Cleanup forced community center to shut down for several days
  • Incoming revenue tracking and post transactions completed by hand
Read More

 
City of Greenville, Darke County

Breach Type - Phishing

WHIO TV 7

  • City of Greenville employee email accounts infected with malware
  • Phishing scheme spread faulty Word Document infecting three accounts
  • Greenville emails targeted & spreading malspam to City contacts
Read More

 
City of Marion Website, Marion County

Breach Type - Cryptojack/Other

Coin Desk

  • Websites running Drupal Content Managing System infected with cryptomining software
  • The malicious software, known as Coinhive, mines for the cryptocurrency Monero
  • Hackers cryptojacked more than 300 websites
  • City of Marion website infected with Coinhive
Read More

 
Summit County Engineer's Office

Breach Type - Hack

News 5 Cleveland

  • Two employees email accounts hacked
  • County Engineer sends warning not to open emails from their office
  • Unknown if data was compromised during breach
Read More

 
Ohio Governor Website

Breach Type - Hack

Fox News

  • Gov. John Kasich’s website one of several in ISIS Propaganda hack
  • Page also played the Islamic Call to Prayer & displayed Arabic writings, before it was shut down
  • Team System Dz claims responsibility
Read More

 
City of Twinsburg

Breach Type - Phishing

Cleveland 19

  • More than 500 employees had W2s stolen in phishing scam
  • Some employees already dealing with taxes being filed by hackers
  • The IRS and Twinsburg Police investigating
Read More

 
Henry County

Breach Type - Ransomware

The Blade

  • Ransomware may have exposed more than 17,000 county voters’ personal information
  • Offered a free year of service from a credit-monitoring company
  • No ransom was paid and the data was recovered from backup files
  • No votes lost
Read More

 
Columbiana Juvenile Court

Breach Type - Ransomware

The Review

  • Officials paid $2,883 ransom
  • Didn’t feel like they had an option
  • Received everything without any loss of data or damage to system
  • Ransomware infected computer systems before Court had a chance to backup files
Read More

 
BACK TO TOP

Medical

EHR Downtime Persists in Wake of Ohio Medical Center Cyberattack, Scioto County

Breach Type – Hacking, Malware

Health IT Security

  • “Southern Ohio Medical Center is currently facing EHR downtime and appointment cancelations as it recovers from a cyberattack that previously led to ambulance diversions"
  • “…a subsequent post explained that an unauthorized third party gained access to SOMCs computer servers in a targeted cyberattack. SOMC said it began working with federal law enforcement and internet security firms to investigate the incident"
  • “SOMC reverted back to documenting clinical notes on pen and paper. EHR downtime restricts access to critical information about a patient’s medical history and treatment plan."
Read More

 
Memorial Health Systems subject of ransomware attack Sunday, Washington County

Breach Type – Unknown, Ransomware

The Athens Messanger

  • “Staff at our hospitals- Marietta Memorial, Selby, and Sistersville General Hospital — are working with paper charts while systems are restored, and data recovered.”
  • " Memorial Health System experienced an security incident in the early morning hours on Sunday, according to a release. As a result, Memorial Health suspended user access to information technology applications related to operations."
  • " the health system discovered that an unauthorized third party gained access to its network and may have obtained files containing patient information May 2."
  • “At this time no known patient or employee personal or financial information has been compromised,”
  • “We are continuing to work with IT security experts to methodically investigate to precisely understand what happened and are taking the appropriate actions to resolve any and all issues.”
Read More

 
Five Rivers Health Centers Notified 155,748 Patients After Phishing Incident

Breach Type – Unknown

DataBreaches.net

  • On May 28, 2021, Five Rivers notified certain individuals about an email compromise that was the result of a phishing email incident. Upon learning of the situation, Five Rivers secured the accounts and commenced a prompt and thorough investigation
  • Five Rivers discovered on March 31, 2021 that the email accounts that were accessed between April 1, 2020 and June 2, 2020 contained personal and/or protected health information, including names, dates of birth, addresses, Medical Record Number (MRN), Patient Account Number (PAN), medical diagnosis, treatment and/or clinical information, test results or lab reports, provider name, date of service, treatment cost information, prescription information, health insurance information and/or policy numbers, and Medicaid or Medicare numbers, financial account numbers, payment card numbers, driver’s license or state ID number, and/or SS numbers for a limited number of individuals were also included in the impacted accounts
  • Five Rivers has no evidence that any information was or will be used for any unintended purpose
Read More

 
Fisher-Titus Medical Center, Huron County

Breach Type – Hacking, Data Breach

Sandusky Register

  • Bad actor compromised IT systems of healthcare provider
  • During three month period, bad actor utilized employee email
  • Full names, Social Security numbers, cred and debit numbers, and medical information likely compromised
Read More

 
Kroger Co., Hamilton County

Breach Type – Unknown, Data Breach

The Atlanta Journal-Constitution

  • Patient names and personal information compromised following cyberattack
  • Breach did not affect grocery store or IT data
  • Grocery chain offering credit monitoring to those affected
Read More

 
Ashtabula County Medical Center, Ashtabula County

Breach Type – Unknown, Malware

Star Beacon

  • Medical center computers remain off line following cyber attack
  • Emergency department remains open while elective procedures are being postponed
  • Investigations have not discovered any potential sensitive information being exposed
Read More

 
The Christ Hospital Health Network (TCHHN), Hamilton County

Breach Type – Unknown, Data Breach

PR Newswire

  • Healthcare provider notified affected patients of data breach
  • Upon discovery of cyberattack, officials launched internal investigation
  • Affected individuals were encouraged to take preventative financial action
Read More

 
Premier Health Partners, Montgomery County

Breach Type – Phishing, Data Breach

Data Breaches

  • Several healthcare providers hit in elaborate phishing cyberattack
  • IT personnel conducted investigation, worked closely with computer forensics firm
  • Officials stated that they reset email passwords and retrained staff on protocol
Read More

 
Kroger Co., Hamilton County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Nearly 11,000 individuals affected in cyberattack
  • Officials have declined any comment on the incident
  • Kroger reported the healthcare provider had been hacked
Read More

 
University of Cincinnati Health, Hamilton County

Breach Type – Phishing, Data Breach

HIPAA Journal

  • Bad actor gained access to university health system
  • Officials investigated data breach, numerous emails accessed
  • Forensics unable to determine if information was copied
Read More

 
Eye Care Associates, Inc., Trumbull, Mahoning and Columbiana Counties

Breach Type – Unknown, Ransomware

Business Journal Daily

  • The eye center fell victim to a cyber attack that lasted several weeks locking out users
  • An unknown amount of ransom was requested in an email to offer restoration of the systems
  • This hack has caused the eye care facility to be put of business for several weeks inhibiting new patients from being taken in
Read More

 
Edgepark Medical Supplies, Summit County

Breach Type - Hacking, Data Breach

Data Breaches

  • Following an investigation it was determined that accounts were “password sprayed” in attempts to get into accounts
  • It is possible some customer information including private sensitive information may have been compromised from the attack
  • The customers sensitive information like Social Security, credit cards, and other financial information had not been compromised
Read More

 
N.E.O Urology, Mahoning County

Breach Type - Unknown, Ransomware

WFMJ

  • The medical practice was hacked and ransom was requested in order for systems to be unlocked
  • Discovery of the hack was through a fax containing how to pay and who to contact for further instructions
  • Originally stemming from Russia, over $75,000 in ransom money was paid as there was several thousands in revenue loss during the down time
Read More

 
Equitas Health, Franklin County

Breach Type - Phishing, Data Breach

Data Breaches

  • Equitas Health determined an unauthorized individual accessed two e-mail accounts
  • Company became aware of incursion into employee's e-mail account on January 8, 2019
  • Up to 569 affiliated members likely affected in the attack
Read More

 
Health Recovery Services, Athens County

Breach Type - Hacking, Data Breach

Health IT Security

  • Ohio medical company victim of three month breach that accessed server with patient data
  • Over 20,000 patients were notified that their information may have been accessed
  • Affected server and network were disconnected upon discovery, server contained patient personal information
Read More

 
Aultman Hospital, Stark Co.

Breach Type - Hack

Cleveland 19

  • Hackers accessed Aultman employee email accounts
  • Private information of Aultman patients potentially exposed
  • Hospital reset account credentials to prevent further damage
Read More

 
Ohio State Veterinary Medical Center

Breach Type - Hack

Data Breaches

  • 4,611 clients affected by hacking incident
  • All private patient information potentially compromised
  • No evidence surfaced of misuse of client data
Read More

 
BACK TO TOP

Education

Baldwin Wallace University, Cuyahoga County

Breach Type – Unknown, Data Breach

WKYC

  • The University was the recent victim of a cyber attack
  • The attack occurred Jan. 29th and prompted the university to work with both the FBI and cyber security experts
  • There is no evidence that any personal information has been compromised although investigations are ongoing
Read More

 
Toledo public schools, Lucas county

Breach Type – Unknown, Ransomware

Data Breaches

  • Toledo public schools have not verified recent online exposure of over 10,000 students
  • The hacking group Maze dumped over 9 GB of compressed data online
  • Information included data regarding demographic information on students
Read More

 
Kent State, Portage County

Breach Type – Hacking, Other

Kent Wired

  • Over 3,000 student emails hacked by bad actors
  • IT officials advised attack happened from credential harvesting
  • Affected students encouraged to change credential information
Read More

 
Oklahoma City Public Schools, Oklahoma County

Breach Type - Ransomware

Cleveland19

  • Coventry Local Schools infected by Trickbot virus, computers and network affected
  • School officials cancelled school after considering student's interests
  • IT team working hard to stop and fix the issue, however they admitted it was a grueling process
Read More
Ohio

  • School officials spoke with FBI, determined goal was to glean banking information or digital financial assets
  • Telephone and HVAC systems for heating and cooling were affected, as well as several other systems
  • All connected and infected devices were disconnected from the network to help alleviate the issue
Read More

 
Aurora City Schools District, Portage County

Hacking, Other

Record Courier

  • Officials state that an undisclosed amount of money was recovered whereas some was compromised after attack
  • Hackers were stated to be very experienced as they lead this attack against the district
  • The department was made aware of the attack and proceeded to contact local police and the FBI
Read More

 
Dayton Public Schools District, Montgomery County

Phishing, Other

ABC 22

  • Investigators found a hacker posed as the superintendent and claimed her paycheck
  • An email was sent to the payroll department claiming that the bank about needed to be changed
  • $5,000 dollars was already taken before the money was noticed missing
Read More

 
Career and Technology Education Center, Licking Co.

Breach Type - Hacking, Data Breach

Newark Advocate

  • Hackers target system at Licking County's C-TEC
  • Breached personal & private information on school server
  • Identifying & notifying potentially affected individuals
Read More

 
Mt. Healthy City Schools

Breach Type - Phishing

WLWT

  • Mt. Healthy City Schools fall victim to phishing scheme
  • W-2 forms from all employees of 2016 released to hackers
  • Superintendent to notify all affected employees
  • Law enforcement leading investigation & Superintendent proactive in resolving security issues
Read More

 

BACK TO TOP