Ohio Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Ohio.jpg
 

Public Safety

Westlake Police Department, Cuyahoga County

Breach Type – Unknown, Ransomware

Fox 8

  • Bad actors attacked the Westlake Police Station and deleted records of police dash-cam recordings
  • The ransomware never demanded a payment and instead froze police computers deleting evidence
  • Computer systems were restored and reset prompting the Department to put in protective measures
Read More

 
Butler County Sheriff's Office Computer Network, Butler County

Breach Type – Unknown, Malware

Fox 19

  • Butler County Sheriff released public statement that malware was recently detected on Sheriff's office computer network
  • The automated call system was rendered offline for approximately 10 days from malware
  • Once the malware was discovered investigations were launched to determine scope of damage
Read More
Journal News

  • Cybersecurity consultants are working on investigations and cause of malware infestation on Sheriff's office network
  • All 911 operations were maintained however CAD the dispatch program took the brunt of impact
  • Backups were used as systems were rendered nominal and back to full function
Read More

 
Ross County Sheriff's Office ,Ross County

Breach Type – Phishing, Data Breach

Valley Guardian

  • Sheriff’s office victim of recent cyber attack potentially exposing thousands of people
  • Attack was sent through documents in email spreading to entire Sheriff’s office network
  • Information exposed contained payment information, social security numbers, police reports, 9-1-1 calls, and more
Read More

 
City of Akron & Akron 311 system, Summit County

Breach Type – Ransomware

Ohio

  • A cyberattack shut down the 311 system and affected software and hardware systems
  • Five figure sum of money was demanded by hackers
  • City did not respond due to back-ups made of all files
Read More

 
Ohio Valley Medical Center and East Ohio Regional Hospital, Belmont County

Breach Type - Ransomware

WTRF

  • Cyber-attack penetrates Ohio hospital’s second layer of cyber-protection
  • Hospitals placed on yellow diversion
  • EMS services forced to reroute ER patients to other area hospitals as a result
Read More

 
City of Akron & Akron Police Department Websites, Summit County

Breach Type - DDoS/Other

News 5 Cleveland

  • DDoS attacks overwhelm City of Akron & Akron Police Department Websites
  • Hacker took credit on Twitter for attacks, spread propaganda about Akron Police
  • Claimed to work with hacking group known as "Anonymous"
  • Hacker arrested and will stand trial for attacks on various Ohio Public Safety entities
Read More

 
City of Riverside, Riverside Police & Fire records, Montgomery County

Breach Type - Ransomware

Dayton Daily News

  • 2nd virus hits City of Riverside Police & Fire server containing reports
  • Virus erased 8 hours' worth of data
  • It is not known if confidential investigatory data has been exposed to hackers
  • Personal information has not been disseminated
Read More
Bleeping Computer

  • Second virus identified as ransomware
  • U.S. Secret Service Agents leading investigation
  • Have not fully recovered from first or second ransomware attack
Read More
My Dayton Daily News

  • Police chief states that officers could not access digital reports, hand written reports used in field
  • Online gateway impacted in event, gateway could not handle a potential 3rd hit
  • Riverside’s IT contractor stated the data, on the police department network, lacked proper encryption for sensitive information
Read More

 
City of Riverside, Riverside Police & Fire

Breach Type - Ransomware

WHIO TV 7

  • City of Riverside falls victim to ransomware attack
  • Malware infection appeared to be an "email fax"
  • Riverside Police & Fire server lost a year's worth of files
  • City did not pay ransom, recovering data with backups
Read More

 
Mad River Fire TWP. & EMS

Breach Type - Ransomware

Springfield News Sun

  • Fighting ransomware encrypting files containing years' worth of data
  • Hackers asking for thousands of dollars
  • Data does not contain personal information
  • Health and human services have been notified
  • Mad River refusing to pay ransom so far
Read More

 
Wooster-Ashland Police & Fire Departments

Breach Type - Data Breach

WKCY

  • Joint law enforcement dispatch center hacked
  • Police & fire hacked, leaving 200,000+ files compromised
  • Ashland Count dispatch system covered for Wooster-Ashland until systems back online
Read More

 
Licking County 911 Center

Breach Type - Ransomware

10 TV

  • Virus demands payment in bitcoin in exchange for dispatch systems online
  • Dispatchers use notepads
  • Calls coming from landlines cannot be mapped out if user becomes unresponsive
Read More
WFAE

  • Paid ransom to hackers
Read More

 
BACK TO TOP

Local Government

Lucas County Auditor's Office, Lucas County

Breach Type – Phishing, Other

WTOL

  • An employee within the Lucas County Auditor's Office has fallen victim to phishing scam
  • Over $600,000 in taxpayer funds were sent out to bad actor in six month period
  • Precautionary methods are now being put in place including authorization from multiple employees to send out funds
Read More

 
City of Athens, Athens County

Breach Type – Hacking, Data Breach

ABC 6

  • Tax, finance, and payroll system information was accessed following cyberattack
  • Officials discovered a suspicious breach had occurred earlier in the year
  • Third party investigations found no evidence sensitive data was stolen
Read More

 
City of Avon Lake, Lorain County

Breach Type – Phishing, Other

Cleveland.com

  • Fraudulent emails were sent from city servers
  • Phishing was utilized in cyberattack scheme
  • Bad actors attempted to defraud citizenry
Read More

 
Department of Job and Family Services (Pandemic Unemployment Program), State of Ohio

Breach Type – Hacking, TDoS/DDoS

The Blade

  • Bad actors utilized hacking in denial of service cyberattack
  • Officials confirmed the impact was minimum
  • IT personnel were able to respond quickly and mitigate damage
Read More

 
City of Toledo, Lucas County

Breach Type - Phishing, Other

Toledo Blade

  • Bad actors almost stole $200,000 from city
  • Phishing scheme utilized in cyberattack
  • Officials discovered scheme when they spoke with contractor
Read More

 
Lorain County Recorder’s Office, Lorain County

Breach Type – Unknown, Malware

Chroniclet

  • Malware attack forced County Recorder's officials to use pen and paper
  • Officials believed the attack was limited solely to the Recorder's Office
  • Online services were impacted during the cyberattack
Read More
Bleeping Computer

  • Bad actors released 2GB of data out of 32GB total information stolen
  • Ransomware cyberattack affected email and phone services
  • Bad actors confirmed the theft to members of the media
Read More

 
Sandusky County Government Systems, Sandusky County

Breach Type – Unknown, Malware

The News Messenger

  • Sandusky County communications system hit with malware attack
  • IT discovered malware on county computer network
  • Email, jail roster website, other functions were affected in attack
Read More

 
City of Richmond Heights, Cuyahoga County

Breach Type – Unknown, Ransomware

News 5 Cleveland

  • Cyber criminals hit computer in city hall with ransomware which infected the city’s server
  • Only one day after initial discovery, the mayor confirmed all systems were operational again
  • Infiltration method is still not clear, but an investigation is underway
  • City moved quickly to contact and involve local and federal partners
Read More

 
Fayette County Government Systems, Fayette County

Breach Type - Unknown, Ransomware

Record Herald

  • Cyber-security consultants were able to note the suspicious activity coming onto the county network
  • This specific malware was made out to be ransomware, unaffecting their cloud storage
  • Due to efficient backups the government was working to restore its systems from the ground up
Read More

 
Cleveland Hopkins International Airport, Cuyahoga County

Breach Type - Hacking, Other

Fox 8

  • Cleveland Hopkins International Airport hacked by unknown source
  • Monitors showing flight departures and arrivals, as well as email, went down
  • FBI contacted by city and airport official for investigation
Read More
Cleveland

  • Cleveland Hopkins International Airport CIO confirmed ransomware attack
  • Attack did not stop or delay flight schedules or security operations
  • The malware directed the city to respond to an e-mail address, which the city did not do
Read More

 
Stark County Regional Planning Commission, Stark County

Breach Type - Phishing, Malware

Indie Online

  • IT center requested $190,000 to fund a virtual infrastructure
  • Employee had exposed the systems by clicking on a link in an email
  • It took around 6 hours to completely eradicate the virus from the computers
Read More

 
Village of Jefferson, Ashtabula County

Breach Type - Ransomware

Star Beacon

  • Ransomware virus infects Village of Jefferson computer
  • Server shut down, wiped, & information restored through backups
  • Cleanup forced community center to shut down for several days
  • Incoming revenue tracking and post transactions completed by hand
Read More

 
City of Greenville, Darke County

Breach Type - Phishing

WHIO TV 7

  • City of Greenville employee email accounts infected with malware
  • Phishing scheme spread faulty Word Document infecting three accounts
  • Greenville emails targeted & spreading malspam to City contacts
Read More

 
City of Marion Website, Marion County

Breach Type - Cryptojack/Other

Coin Desk

  • Websites running Drupal Content Managing System infected with cryptomining software
  • The malicious software, known as Coinhive, mines for the cryptocurrency Monero
  • Hackers cryptojacked more than 300 websites
  • City of Marion website infected with Coinhive
Read More

 
Summit County Engineer's Office

Breach Type - Hack

News 5 Cleveland

  • Two employees email accounts hacked
  • County Engineer sends warning not to open emails from their office
  • Unknown if data was compromised during breach
Read More

 
Ohio Governor Website

Breach Type - Hack

Fox News

  • Gov. John Kasich’s website one of several in ISIS Propaganda hack
  • Page also played the Islamic Call to Prayer & displayed Arabic writings, before it was shut down
  • Team System Dz claims responsibility
Read More

 
City of Twinsburg

Breach Type - Phishing

Cleveland 19

  • More than 500 employees had W2s stolen in phishing scam
  • Some employees already dealing with taxes being filed by hackers
  • The IRS and Twinsburg Police investigating
Read More

 
Henry County

Breach Type - Ransomware

The Blade

  • Ransomware may have exposed more than 17,000 county voters’ personal information
  • Offered a free year of service from a credit-monitoring company
  • No ransom was paid and the data was recovered from backup files
  • No votes lost
Read More

 
Columbiana Juvenile Court

Breach Type - Ransomware

The Review

  • Officials paid $2,883 ransom
  • Didn’t feel like they had an option
  • Received everything without any loss of data or damage to system
  • Ransomware infected computer systems before Court had a chance to backup files
Read More

 
BACK TO TOP

Medical

Fisher-Titus Medical Center, Huron County

Breach Type – Hacking, Data Breach

Sandusky Register

  • Bad actor compromised IT systems of healthcare provider
  • During three month period, bad actor utilized employee email
  • Full names, Social Security numbers, cred and debit numbers, and medical information likely compromised
Read More

 
Kroger Co., Hamilton County

Breach Type – Unknown, Data Breach

The Atlanta Journal-Constitution

  • Patient names and personal information compromised following cyberattack
  • Breach did not affect grocery store or IT data
  • Grocery chain offering credit monitoring to those affected
Read More

 
Ashtabula County Medical Center, Ashtabula County

Breach Type – Unknown, Malware

Star Beacon

  • Medical center computers remain off line following cyber attack
  • Emergency department remains open while elective procedures are being postponed
  • Investigations have not discovered any potential sensitive information being exposed
Read More

 
The Christ Hospital Health Network (TCHHN), Hamilton County

Breach Type – Unknown, Data Breach

PR Newswire

  • Healthcare provider notified affected patients of data breach
  • Upon discovery of cyberattack, officials launched internal investigation
  • Affected individuals were encouraged to take preventative financial action
Read More

 
Premier Health Partners, Montgomery County

Breach Type – Phishing, Data Breach

Data Breaches

  • Several healthcare providers hit in elaborate phishing cyberattack
  • IT personnel conducted investigation, worked closely with computer forensics firm
  • Officials stated that they reset email passwords and retrained staff on protocol
Read More

 
Kroger Co., Hamilton County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Nearly 11,000 individuals affected in cyberattack
  • Officials have declined any comment on the incident
  • Kroger reported the healthcare provider had been hacked
Read More

 
University of Cincinnati Health, Hamilton County

Breach Type – Phishing, Data Breach

HIPAA Journal

  • Bad actor gained access to university health system
  • Officials investigated data breach, numerous emails accessed
  • Forensics unable to determine if information was copied
Read More

 
Eye Care Associates, Inc., Trumbull, Mahoning and Columbiana Counties

Breach Type – Unknown, Ransomware

Business Journal Daily

  • The eye center fell victim to a cyber attack that lasted several weeks locking out users
  • An unknown amount of ransom was requested in an email to offer restoration of the systems
  • This hack has caused the eye care facility to be put of business for several weeks inhibiting new patients from being taken in
Read More

 
Edgepark Medical Supplies, Summit County

Breach Type - Hacking, Data Breach

Data Breaches

  • Following an investigation it was determined that accounts were “password sprayed” in attempts to get into accounts
  • It is possible some customer information including private sensitive information may have been compromised from the attack
  • The customers sensitive information like Social Security, credit cards, and other financial information had not been compromised
Read More

 
N.E.O Urology, Mahoning County

Breach Type - Unknown, Ransomware

WFMJ

  • The medical practice was hacked and ransom was requested in order for systems to be unlocked
  • Discovery of the hack was through a fax containing how to pay and who to contact for further instructions
  • Originally stemming from Russia, over $75,000 in ransom money was paid as there was several thousands in revenue loss during the down time
Read More

 
Equitas Health, Franklin County

Breach Type - Phishing, Data Breach

Data Breaches

  • Equitas Health determined an unauthorized individual accessed two e-mail accounts
  • Company became aware of incursion into employee's e-mail account on January 8, 2019
  • Up to 569 affiliated members likely affected in the attack
Read More

 
Health Recovery Services, Athens County

Breach Type - Hacking, Data Breach

Health IT Security

  • Ohio medical company victim of three month breach that accessed server with patient data
  • Over 20,000 patients were notified that their information may have been accessed
  • Affected server and network were disconnected upon discovery, server contained patient personal information
Read More

 
Aultman Hospital, Stark Co.

Breach Type - Hack

Cleveland 19

  • Hackers accessed Aultman employee email accounts
  • Private information of Aultman patients potentially exposed
  • Hospital reset account credentials to prevent further damage
Read More

 
Ohio State Veterinary Medical Center

Breach Type - Hack

Data Breaches

  • 4,611 clients affected by hacking incident
  • All private patient information potentially compromised
  • No evidence surfaced of misuse of client data
Read More

 
BACK TO TOP

Education

Baldwin Wallace University, Cuyahoga County

Breach Type – Unknown, Data Breach

WKYC

  • The University was the recent victim of a cyber attack
  • The attack occurred Jan. 29th and prompted the university to work with both the FBI and cyber security experts
  • There is no evidence that any personal information has been compromised although investigations are ongoing
Read More

 
Toledo public schools, Lucas county

Breach Type – Unknown, Ransomware

Data Breaches

  • Toledo public schools have not verified recent online exposure of over 10,000 students
  • The hacking group Maze dumped over 9 GB of compressed data online
  • Information included data regarding demographic information on students
Read More

 
Kent State, Portage County

Breach Type – Hacking, Other

Kent Wired

  • Over 3,000 student emails hacked by bad actors
  • IT officials advised attack happened from credential harvesting
  • Affected students encouraged to change credential information
Read More

 
Oklahoma City Public Schools, Oklahoma County

Breach Type - Ransomware

Cleveland19

  • Coventry Local Schools infected by Trickbot virus, computers and network affected
  • School officials cancelled school after considering student's interests
  • IT team working hard to stop and fix the issue, however they admitted it was a grueling process
Read More
Ohio

  • School officials spoke with FBI, determined goal was to glean banking information or digital financial assets
  • Telephone and HVAC systems for heating and cooling were affected, as well as several other systems
  • All connected and infected devices were disconnected from the network to help alleviate the issue
Read More

 
Aurora City Schools District, Portage County

Hacking, Other

Record Courier

  • Officials state that an undisclosed amount of money was recovered whereas some was compromised after attack
  • Hackers were stated to be very experienced as they lead this attack against the district
  • The department was made aware of the attack and proceeded to contact local police and the FBI
Read More

 
Dayton Public Schools District, Montgomery County

Phishing, Other

ABC 22

  • Investigators found a hacker posed as the superintendent and claimed her paycheck
  • An email was sent to the payroll department claiming that the bank about needed to be changed
  • $5,000 dollars was already taken before the money was noticed missing
Read More

 
Career and Technology Education Center, Licking Co.

Breach Type - Hacking, Data Breach

Newark Advocate

  • Hackers target system at Licking County's C-TEC
  • Breached personal & private information on school server
  • Identifying & notifying potentially affected individuals
Read More

 
Mt. Healthy City Schools

Breach Type - Phishing

WLWT

  • Mt. Healthy City Schools fall victim to phishing scheme
  • W-2 forms from all employees of 2016 released to hackers
  • Superintendent to notify all affected employees
  • Law enforcement leading investigation & Superintendent proactive in resolving security issues
Read More

 

BACK TO TOP