Oklahoma Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Oklahoma.jpg
 

Public Safety

Hackers leave Islamic message on county sheriff's office websites, Delaware County

Breach Type – Hacking, Other

ABC KTUL 8

  • “Multiple law enforcement agencies had a breach online when a hacker took over …”
  • “It’s just clear that obviously the entire front page was totally replaced with other content that is not the legitimate site,”
  • ““The hacker posted a link to their social media, claiming to be a "Turkish Hacktivist"
  • “Delaware County's website is completely down with the hacker's information still linked to the website domain.”
Read More

 
Hackers hit 4 Oklahoma sheriff's office websites, Payne, Lincoln, Custer and Seminole Counties

Breach Type – Hacking, Other

Oklahoma KFOR NEWS 4

  • “Several Oklahoma law enforcement agencies have become the victims of a crime after their websites were hacked. A cyber security expert told KFOR it appears the hacks are connected.”
  • “It’s just clear that obviously the entire front page was totally replaced with other content that is not the legitimate site,”
  • “The hacker shared how they exploited a web server from Light House web designs, the company behind sheriffwebsites.com. They claimed they were able to take full control of the web server because it hadn’t been updated since 2017. They claimed root level access to that web server allowed them to deface multiple sheriff websites at once.”
  • “A website hacker had eyes on four state county sheriff office websites Tuesday night – Payne, Lincoln, Custer and Seminole counties were all hit.”
  • “Website defacements can take all forms and it can have various content,” said Wilson.”
Read More

 
Multiple Oklahoma sheriff's department websites 'hacked', Payne and Washington Counties

Breach Type – Hacking, Other

Stillwater News Press

  • “A self-described hacker is claiming to have access to the websites of multiple sheriff's departments in Oklahoma.”
  • “Payne County Undersheriff Marvin Noyes said the Sheriff’s Office was aware the website was defaced.”
  • “The hacker shared how they exploited a web server from Light House web designs, the company behind sheriffwebsites.com. They claimed they were able to take full control of the web server because it hadn’t been updated since 2017. They claimed root level access to that web server allowed them to deface multiple sheriff websites at once.”
  • “The attacker claimed their goal was to spread their religion and broadcast the Turkish President’s speech. No ransom was asked for.”
Read More

 
Tulsa City Officials Report Ransomware Attack Causing Causing Technical Difficulties, Tulsa County

Breach Type - Ransomware

krmg

  • The Communications Director for the City of Tulsa, Michelle Brooks, says the city is experiencing technical difficulties due to a ransomware attack
  • Fire Department and CAD Systems affected
  • No access to city websites
  • No customer information has been compromised, and redundancies are in place to ensure no operations are interrupted
  • Investigation is ongoing
Read More
Public Radio Tulsa

  • "We know who did this," Bynum said. "They are under federal investigation. I can't say who they are, but it is reassuring to know who did this to the citizens of Tulsa.”
  • Bynum said the attackers sent a message demanding an unspecified ransom or else they would announce they had hacked Tulsa's systems. No contact was made, Bynum said. "We're not gonna pay any ransom."
  • "We want to send a strong message that the city of Tulsa is not sitting here waiting for you to hack us so we can pay you money," said Bynum
  • Police body cameras are not in use because of the attack. In a phone call after the conference, Captain Richard Meulenberg said cameras do work but since there is no way for officers to offload data via city WiFi, they are not in operation
Read More
WRCBtv

  • Officials in Tulsa, Oklahoma, are warning residents their personal information may have been leaked to the dark web following a ransomware attack on the city last month.
  • The city announced Tuesday that hackers obtained more than 18,000 city files. The leaked files are mostly police citations and internal department files
  • The documents could contain personal information, including a person's name, date of birth, address and driver's license number.
Read More
BACK TO TOP

Local Government

Oklahoma Tourism and Recreation Department, Oklahoma City

Breach Type – Unknown, Data Breach

KSWO

  • The department received notification that an unknown person has been claiming to have stolen data from several websites
  • Officials state that the claims were immediately investigated and quarantined
  • Investigations show that information that was potentially impacted was names, dates of birth, mailing addresses, phone numbers, and email addresses
Read More

 
Office of Management and Enterprise Services (Wave System), State of Oklahoma

Breach Type – Hacking, Other

Tulsa World

  • Public school data system was taken offline following cyberattack
  • Network housed school district data for entire state
  • State agency assigned fresh logon credentials to school districts
Read More

 
City of the Village Government, Oklahoma County

Breach Type – Unknown, Ransomware

City Council Minutes

  • Bad actors used ransomware in cyberattack that locked officials out of servers
  • Officials believed that the ransomware had gotten into system through third party access
  • IT personnel were able to restore all data from backups
Read More

 
City of Okemah, Okfuskee County

Breach Type – Unknown, Ransomware

News 9

  • Following an encryption of their network's data the City was forced into a digital lockdown
  • All data was encrypted but remained on servers and networks ransom was demanded in return for encryption keys
  • Bad actors continue to demand more and more payment as time goes on, is believed no public information is in jeopardy
Read More

 
City of Norman, Cleveland County

Breach Type – Hacking, Data Breach

Data Breaches

  • City government forced to disable payment portal after cyberattack
  • Officials stated that other cities had been likewise hit
  • City forced to transfer payment services to new processor
Read More

 
City of Broken Arrow, Tulsa County

Breach Type – Hacking, Data Breach

Gemini Advisory

  • Hackers exploited vulnerability in Superion’s Click2Gov Utility Bill Pay Systems affecting government entities across the U.S.
  • Over 20,000 records from eight cities in five different states have been offered for sale on the dark web
  • City of Broken Arrow one of the eight cities impacted
Read More

 
Oklahoma Law Enforcement Retirement System, State

Breach Type – Hacking, Other

Tulsa World

  • The FBI began to investigate into a hacking that was able to steal $4.2 million in funds for law enforcement retirement pensions
  • An announcement was released 10 days later addressing the attack and investigations following
  • All benefits will continue to be paid and there will be no effect on the timeliness of payments
Read More

 
City of Wilburton Website, Latimer County

Breach Type - Hacking, Other

KOCO News 5

  • Website of small Oklahoma town – compromised by hackers
  • No personal information of citizens accessed by attackers
  • Police leading investigation to determine who hacked website while city works to tighten security
Read More

 
Midwest City, Oklahoma Co.

Breach Type - Other/Vulnerability

DataBreaches

  • Vulnerability remained in Midwest City utility bill pay system
  • Hackers potentially accessed private data through exploitation of vulnerability
  • System managed by third party vendor, Superion
  • 2,300 citizens potentially vulnerable to breach of financial data
Read More

 
City of Tulsa

Breach Type - Hack

News on 6

  • Hackers broke into several city-controlled accounts
  • 6 cloud-based systems compromised
  • City immediately disabled servers
  • Mayor claims the city has mitigated hacks in the past
Read More

 
Oklahoma City

Breach Type - Phishing

K4 News

  • Cyber attack causes network to shut down
  • Email phishing scam potential cause
  • No sensitive data compromised
Read More

 
City of Lawton, Comanche Co.

Breach Type - Virus

KSWO

  • Entire network down, more than 500 computers impacted city-wide
  • Unknown how virus originated
  • Infiltrated networks despite anti-virus software in place
Read More

 
Stillwater

Breach Type - Hack

K4 News

  • Information for 3,000 compromised
  • Unauthorized party accessed a city computer
  • Notified law enforcement and the computer has since been secured
Read More

 
Oklahoma Office of Management and Enterprise Services, Oklahoma Co.

Breach Type - Ransomware

Tulsa Beacon

  • Ransomware attack infected & compromised State of Oklahoma OMES
  • OMES did not pay ransom
  • Incident inspired Oklahoma agencies to implement secure cyber defenses
Read More

 
BACK TO TOP

Medical

Harper County Community Hospital Targeted with Ransomware

Breach Type - Unknown, Ransomware

KFOR

  • The Harper County Community Hospital says its computer server was recently compromised by disruptive ransomware
  • The hospital’s workstations and common drives were compromised by an unknown threat actor on Wednesday, March 24,” said hospital officials
  • Harper County Community Hospital says the HIPAA breach potentially affected the health information of over 500 individuals
  • The protected health information that may have been compromised could include any of the following: first and last name, date of birth, home address, patient account number, diagnosis, social security number and health insurance information
  • Harper County Community Hospital mailed notifications to all known individuals whose records were impacted by the ransomware
Read More

 
Oklahoma State University Center of Health Sciences

Breach Type - Hack

Data Breaches

  • Hacker gained access to patients' Medicaid billing info
  • Files did not contain medical records; a single social security number possibly affected
  • No conclusive indication of patient info misuse
  • Implemented additional security measures as precaution
Read More

 
BACK TO TOP

Education

Ponca City Public Schools, Kay County

Breach Type – Unknown, Ransomware

KFOR

  • The districts servers were compromised by a ransomware attack that left data encrypted
  • The school was delayed in starting as the documents must be rebuilt
  • A third party is being worked with in the hopes of future prevention
Read More
News on 6

  • Bad actors found access through a program the school uses called PowerSchool
  • No ransomware was paid and no sensitive student information was exposed
Read More

 
University of Oklahoma, Cleveland County

Breach Type – Unknown, Data Breach

KFOR

  • The University was contacted by their cloud hosting service that a ransomware attack took place
  • The University was exposed in ransomware attack allowing bad actors to gain access to data from their clients
  • It is assured that no sensitive data was exposed
Read More

 
Jay Public School District, Delaware County

Breach Type – Unknown, Malware

Four States Homepage

  • Malware discovered to have infected school computer and network
  • Third party IT personnel were slated to investigate cyberattack
  • School district was assigned legal team and specialist insurance company
Read More

 
Bethel Public Schools, McCurtain County

Breach Type – Unknown, Malware

Countywide & Sun

  • Oklahoma cities were victims of malware cyberattack
  • City of Chandler paid $50,000 ransom, bad actors demanded more money
  • School system forced to utilize non-standard testing practice
Read More

 
Oklahoma City Public Schools, Oklahoma County

Breach Type - Ransomware

News OK

  • The City public school’s systems were compromised by malware
  • To aide in isolating the malware systems were shut down completely also closing off access to emails
  • It had been determined that this malware was instead ransomware asking for the ransom to be paid before restoration
Read More

 
Oklahoma City Public Schools

Breach Type - TDoS/DDoS

Oklahoma News

  • Denial of Service attacks made it impossible to access district’s parent portal website
  • The portal is frequently attacked with DDoS sources citing this attack as the longest duration of DDoS
  • 45,000 students/families, 2,500 teachers, 150 principals/assistant principals, 300 front office staff, 250 central office leaders have access to site and remain affected by attack
Read More

 
Yukon Public Schools

Breach Type - Phishing

News OK

  • Phishing scheme targets Yukon Public Schools
  • Email circulated internally & accessed private information
  • 1,400 potentially compromised victims
  • District offering free credit monitoring for all employees
  • District to implement in-depth cyber security training and confirmation of sensitive info requests
Read More

 

BACK TO TOP