Public Safety

Bryan County Ambulance Authority in Oklahoma Faces Ransomware 14k Impacted

Breach Type – Unknown, Ransomware

Health IT Security
May 25th, 2022

“Bryan County Ambulance Authority in Oklahoma began notifying patients of a ransomware attack it experienced in November 2021. the incident impacted 14,273 individuals."
“The ambulance authority said it discovered a ransomware infection in November that began encrypting files stored on its network. It immediately disabled unauthorized access, restored encrypted data, and began an investigation."
"Bryan County Ambulance Authority determined that a threat actor had removed some files containing personal information from the network. The type of information involved in the breach was redacted from the copy of the breach notification letter posted online by the Montana Attorney General’s Office."
"At this time, Cooper has no evidence that any of the potentially affected information was accessed, disclosed, or misused as a result of this incident.”
"The letter said that there was no evidence that any information had been misused, but impacted individuals received complimentary identity theft protection services."

Hackers leave Islamic message on county sheriff's office websites, Delaware County

Breach Type – Hacking, Other

ABC KTUL 8
November 13th, 2021

“Multiple law enforcement agencies had a breach online when a hacker took over …”
“It’s just clear that obviously the entire front page was totally replaced with other content that is not the legitimate site,”
““The hacker posted a link to their social media, claiming to be a "Turkish Hacktivist"
“Delaware County's website is completely down with the hacker's information still linked to the website domain.”

Hackers hit 4 Oklahoma sheriff's office websites, Payne, Lincoln, Custer and Seminole Counties

Breach Type – Hacking, Other

Oklahoma KFOR NEWS 4
November 13th, 2021

“Several Oklahoma law enforcement agencies have become the victims of a crime after their websites were hacked. A cyber security expert told KFOR it appears the hacks are connected.”
“It’s just clear that obviously the entire front page was totally replaced with other content that is not the legitimate site,”
“The hacker shared how they exploited a web server from Light House web designs, the company behind sheriffwebsites.com. They claimed they were able to take full control of the web server because it hadn’t been updated since 2017. They claimed root level access to that web server allowed them to deface multiple sheriff websites at once.”
“A website hacker had eyes on four state county sheriff office websites Tuesday night – Payne, Lincoln, Custer and Seminole counties were all hit.”
“Website defacements can take all forms and it can have various content,” said Wilson.”

Multiple Oklahoma sheriff's department websites 'hacked', Payne and Washington Counties

Breach Type – Hacking, Other

Stillwater News Press
November 13th, 2021

“A self-described hacker is claiming to have access to the websites of multiple sheriff's departments in Oklahoma.”
“Payne County Undersheriff Marvin Noyes said the Sheriff’s Office was aware the website was defaced.”
“The hacker shared how they exploited a web server from Light House web designs, the company behind sheriffwebsites.com. They claimed they were able to take full control of the web server because it hadn’t been updated since 2017. They claimed root level access to that web server allowed them to deface multiple sheriff websites at once.”
“The attacker claimed their goal was to spread their religion and broadcast the Turkish President’s speech. No ransom was asked for.”

Tulsa City Officials Report Ransomware Attack Causing Causing Technical Difficulties, Tulsa County

Breach Type - Ransomware

krmg
May 11th, 2021

The Communications Director for the City of Tulsa, Michelle Brooks, says the city is experiencing technical difficulties due to a ransomware attack
Fire Department and CAD Systems affected
No access to city websites
No customer information has been compromised, and redundancies are in place to ensure no operations are interrupted
Investigation is ongoing

Public Radio Tulsa
May 21st, 2021

"We know who did this," Bynum said. "They are under federal investigation. I can't say who they are, but it is reassuring to know who did this to the citizens of Tulsa.”
Bynum said the attackers sent a message demanding an unspecified ransom or else they would announce they had hacked Tulsa's systems. No contact was made, Bynum said. "We're not gonna pay any ransom."
"We want to send a strong message that the city of Tulsa is not sitting here waiting for you to hack us so we can pay you money," said Bynum
Police body cameras are not in use because of the attack. In a phone call after the conference, Captain Richard Meulenberg said cameras do work but since there is no way for officers to offload data via city WiFi, they are not in operation

WRCBtv
June 23rd, 2021

Officials in Tulsa, Oklahoma, are warning residents their personal information may have been leaked to the dark web following a ransomware attack on the city last month.
The city announced Tuesday that hackers obtained more than 18,000 city files. The leaked files are mostly police citations and internal department files
The documents could contain personal information, including a person's name, date of birth, address and driver's license number.

Local Government

Oklahoma Tourism and Recreation Department, Oklahoma City

Breach Type – Unknown, Data Breach

KSWO
February 2nd, 2021

The department received notification that an unknown person has been claiming to have stolen data from several websites
Officials state that the claims were immediately investigated and quarantined
Investigations show that information that was potentially impacted was names, dates of birth, mailing addresses, phone numbers, and email addresses

Office of Management and Enterprise Services (Wave System), State of Oklahoma

Breach Type – Hacking, Other

Tulsa World
September 11th, 2020

Public school data system was taken offline following cyberattack
Network housed school district data for entire state
State agency assigned fresh logon credentials to school districts

City of the Village Government, Oklahoma County

Breach Type – Unknown, Ransomware

City Council Minutes
January 22nd, 2019

Bad actors used ransomware in cyberattack that locked officials out of servers
Officials believed that the ransomware had gotten into system through third party access
IT personnel were able to restore all data from backups

City of Okemah, Okfuskee County

Breach Type – Unknown, Ransomware

News 9
June 11th, 2020

Following an encryption of their network's data the City was forced into a digital lockdown
All data was encrypted but remained on servers and networks ransom was demanded in return for encryption keys
Bad actors continue to demand more and more payment as time goes on, is believed no public information is in jeopardy

City of Norman, Cleveland County

Breach Type – Hacking, Data Breach

Data Breaches
November 7th, 2019

City government forced to disable payment portal after cyberattack
Officials stated that other cities had been likewise hit
City forced to transfer payment services to new processor

City of Broken Arrow, Tulsa County

Breach Type – Hacking, Data Breach

Gemini Advisory
September 19th, 2019

Hackers exploited vulnerability in Superion’s Click2Gov Utility Bill Pay Systems affecting government entities across the U.S.
Over 20,000 records from eight cities in five different states have been offered for sale on the dark web
City of Broken Arrow one of the eight cities impacted

Oklahoma Law Enforcement Retirement System, State

Breach Type – Hacking, Other

Tulsa World
September 6th, 2019

The FBI began to investigate into a hacking that was able to steal $4.2 million in funds for law enforcement retirement pensions
An announcement was released 10 days later addressing the attack and investigations following
All benefits will continue to be paid and there will be no effect on the timeliness of payments

City of Wilburton Website, Latimer County

Breach Type - Hacking, Other

KOCO News 5
September 9th, 2018

Website of small Oklahoma town – compromised by hackers
No personal information of citizens accessed by attackers
Police leading investigation to determine who hacked website while city works to tighten security

Midwest City, Oklahoma Co.

Breach Type - Other/Vulnerability

DataBreaches
June 24th, 2018

Vulnerability remained in Midwest City utility bill pay system
Hackers potentially accessed private data through exploitation of vulnerability
System managed by third party vendor, Superion
2,300 citizens potentially vulnerable to breach of financial data

City of Tulsa

Breach Type - Hack

News on 6
May 4th, 2018

Hackers broke into several city-controlled accounts
6 cloud-based systems compromised
City immediately disabled servers
Mayor claims the city has mitigated hacks in the past

Oklahoma City

Breach Type - Phishing

K4 News
October 27th, 2017

Cyber attack causes network to shut down
Email phishing scam potential cause
No sensitive data compromised

City of Lawton, Comanche Co.

Breach Type - Virus

KSWO
August 23rd, 2017

Entire network down, more than 500 computers impacted city-wide
Unknown how virus originated
Infiltrated networks despite anti-virus software in place

Stillwater

Breach Type - Hack

K4 News
May 24th, 2017

Information for 3,000 compromised
Unauthorized party accessed a city computer
Notified law enforcement and the computer has since been secured

Oklahoma Office of Management and Enterprise Services, Oklahoma Co.

Breach Type - Ransomware

Tulsa Beacon
February 23rd, 2017

Ransomware attack infected & compromised State of Oklahoma OMES
OMES did not pay ransom
Incident inspired Oklahoma agencies to implement secure cyber defenses

Medical

Oklahoma City Indian Clinic Data Breach Affects 40,000 Individuals, Oklahoma County

Breach Type – Hacking, Data Breach

OODA Loop
May 13th, 2022

"The Oklahoma City Indian Clinic(OKCIC) announced that it had suffered from a data breach that exposed personally identifiable information of roughly 40,000 individuals."
"The clinic identified a security incident that affected its computer system on May 12, according to a notice posted on the clinic’s website."
"The OKCIC also confirmed that they had enlisted the help of a third-party forensic firm to determine the full impact and scope of the security incident."
"An initial investigation confirmed that the unauthorized party that breached OKCIC’s systems was able to access sensitive customer information. This includes data such as treatment information, medial records, names, dates of birth, physician information, Tribal ID numbers, Social Security numbers, health insurance policy numbers, and more."

Affected patients to receive information about DRH data security incident, Stephens County

Breach Type – Hacking, Data Breach

Duncan Banner
March 4th, 2022

"Officials with DRH Health, the leading healthcare provider in Stephens County, confirmed Friday, March 4 a data incident dating back to January of this year may have impacted protected health information for some patients."
"DRH reported an incident affected on of their servers, although an investigation launched immediately and DRH’s team brought systems back to normal operation within 24 hours."
"some information stored outside of the hospital’s “primary electronic medical record system may have been impacted, including names, addresses, demographic information, dates of birth, and some combination of Social Security numbers, medical record numbers, and limited treatment information.”

Harper County Community Hospital Targeted with Ransomware

Breach Type - Unknown, Ransomware

KFOR
January 5th, 2018

The Harper County Community Hospital says its computer server was recently compromised by disruptive ransomware
The hospital’s workstations and common drives were compromised by an unknown threat actor on Wednesday, March 24,” said hospital officials
Harper County Community Hospital says the HIPAA breach potentially affected the health information of over 500 individuals
The protected health information that may have been compromised could include any of the following: first and last name, date of birth, home address, patient account number, diagnosis, social security number and health insurance information
Harper County Community Hospital mailed notifications to all known individuals whose records were impacted by the ransomware

Oklahoma State University Center of Health Sciences

Breach Type - Hack

Data Breaches
January 5th, 2018

Hacker gained access to patients' Medicaid billing info
Files did not contain medical records; a single social security number possibly affected
No conclusive indication of patient info misuse
Implemented additional security measures as precaution

Education

Ponca City Public Schools, Kay County

Breach Type – Unknown, Ransomware

KFOR
August 17th, 2020

The districts servers were compromised by a ransomware attack that left data encrypted
The school was delayed in starting as the documents must be rebuilt
A third party is being worked with in the hopes of future prevention

News on 6
August 18th, 2020

Bad actors found access through a program the school uses called PowerSchool
No ransomware was paid and no sensitive student information was exposed

University of Oklahoma, Cleveland County

Breach Type – Unknown, Data Breach

KFOR
August, 3rd, 2020

The University was contacted by their cloud hosting service that a ransomware attack took place
The University was exposed in ransomware attack allowing bad actors to gain access to data from their clients
It is assured that no sensitive data was exposed

Jay Public School District, Delaware County

Breach Type – Unknown, Malware

Four States Homepage
March 12th, 2020

Malware discovered to have infected school computer and network
Third party IT personnel were slated to investigate cyberattack
School district was assigned legal team and specialist insurance company

Bethel Public Schools, McCurtain County

Breach Type – Unknown, Malware

Countywide & Sun
October 17th, 2019

Oklahoma cities were victims of malware cyberattack
City of Chandler paid $50,000 ransom, bad actors demanded more money
School system forced to utilize non-standard testing practice

Oklahoma City Public Schools, Oklahoma County

Breach Type - Ransomware

News OK
May 14th, 2019

The City public school’s systems were compromised by malware
To aide in isolating the malware systems were shut down completely also closing off access to emails
It had been determined that this malware was instead ransomware asking for the ransom to be paid before restoration

Oklahoma City Public Schools

Breach Type - TDoS/DDoS

Oklahoma News
September 23rd, 2018

Denial of Service attacks made it impossible to access district’s parent portal website
The portal is frequently attacked with DDoS sources citing this attack as the longest duration of DDoS
45,000 students/families, 2,500 teachers, 150 principals/assistant principals, 300 front office staff, 250 central office leaders have access to site and remain affected by attack

Yukon Public Schools

Breach Type - Phishing

News OK
March 4th, 2017

Phishing scheme targets Yukon Public Schools
Email circulated internally & accessed private information
1,400 potentially compromised victims
District offering free credit monitoring for all employees
District to implement in-depth cyber security training and confirmation of sensitive info requests

Oklahoma Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in
9-1-1 Cyber News?

Follow Us!

Oklahoma Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in9-1-1 Cyber News?

Follow Us!

Want the latest in
9-1-1 Cyber News?