Oklahoma Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Oklahoma.jpg
 

Public Safety

Bryan County Ambulance Authority in Oklahoma Faces Ransomware 14k Impacted

Breach Type – Unknown, Ransomware

Health IT Security

  • “Bryan County Ambulance Authority in Oklahoma began notifying patients of a ransomware attack it experienced in November 2021. the incident impacted 14,273 individuals."
  • “The ambulance authority said it discovered a ransomware infection in November that began encrypting files stored on its network. It immediately disabled unauthorized access, restored encrypted data, and began an investigation."
  • "Bryan County Ambulance Authority determined that a threat actor had removed some files containing personal information from the network. The type of information involved in the breach was redacted from the copy of the breach notification letter posted online by the Montana Attorney General’s Office."
  • "At this time, Cooper has no evidence that any of the potentially affected information was accessed, disclosed, or misused as a result of this incident.”
  • "The letter said that there was no evidence that any information had been misused, but impacted individuals received complimentary identity theft protection services."
Read More

 
Hackers leave Islamic message on county sheriff's office websites, Delaware County

Breach Type – Hacking, Other

ABC KTUL 8

  • “Multiple law enforcement agencies had a breach online when a hacker took over …”
  • “It’s just clear that obviously the entire front page was totally replaced with other content that is not the legitimate site,”
  • ““The hacker posted a link to their social media, claiming to be a "Turkish Hacktivist"
  • “Delaware County's website is completely down with the hacker's information still linked to the website domain.”
Read More

 
Hackers hit 4 Oklahoma sheriff's office websites, Payne, Lincoln, Custer and Seminole Counties

Breach Type – Hacking, Other

Oklahoma KFOR NEWS 4

  • “Several Oklahoma law enforcement agencies have become the victims of a crime after their websites were hacked. A cyber security expert told KFOR it appears the hacks are connected.”
  • “It’s just clear that obviously the entire front page was totally replaced with other content that is not the legitimate site,”
  • “The hacker shared how they exploited a web server from Light House web designs, the company behind sheriffwebsites.com. They claimed they were able to take full control of the web server because it hadn’t been updated since 2017. They claimed root level access to that web server allowed them to deface multiple sheriff websites at once.”
  • “A website hacker had eyes on four state county sheriff office websites Tuesday night – Payne, Lincoln, Custer and Seminole counties were all hit.”
  • “Website defacements can take all forms and it can have various content,” said Wilson.”
Read More

 
Multiple Oklahoma sheriff's department websites 'hacked', Payne and Washington Counties

Breach Type – Hacking, Other

Stillwater News Press

  • “A self-described hacker is claiming to have access to the websites of multiple sheriff's departments in Oklahoma.”
  • “Payne County Undersheriff Marvin Noyes said the Sheriff’s Office was aware the website was defaced.”
  • “The hacker shared how they exploited a web server from Light House web designs, the company behind sheriffwebsites.com. They claimed they were able to take full control of the web server because it hadn’t been updated since 2017. They claimed root level access to that web server allowed them to deface multiple sheriff websites at once.”
  • “The attacker claimed their goal was to spread their religion and broadcast the Turkish President’s speech. No ransom was asked for.”
Read More

 
Tulsa City Officials Report Ransomware Attack Causing Causing Technical Difficulties, Tulsa County

Breach Type - Ransomware

krmg

  • The Communications Director for the City of Tulsa, Michelle Brooks, says the city is experiencing technical difficulties due to a ransomware attack
  • Fire Department and CAD Systems affected
  • No access to city websites
  • No customer information has been compromised, and redundancies are in place to ensure no operations are interrupted
  • Investigation is ongoing
Read More
Public Radio Tulsa

  • "We know who did this," Bynum said. "They are under federal investigation. I can't say who they are, but it is reassuring to know who did this to the citizens of Tulsa.”
  • Bynum said the attackers sent a message demanding an unspecified ransom or else they would announce they had hacked Tulsa's systems. No contact was made, Bynum said. "We're not gonna pay any ransom."
  • "We want to send a strong message that the city of Tulsa is not sitting here waiting for you to hack us so we can pay you money," said Bynum
  • Police body cameras are not in use because of the attack. In a phone call after the conference, Captain Richard Meulenberg said cameras do work but since there is no way for officers to offload data via city WiFi, they are not in operation
Read More
WRCBtv

  • Officials in Tulsa, Oklahoma, are warning residents their personal information may have been leaked to the dark web following a ransomware attack on the city last month.
  • The city announced Tuesday that hackers obtained more than 18,000 city files. The leaked files are mostly police citations and internal department files
  • The documents could contain personal information, including a person's name, date of birth, address and driver's license number.
Read More
BACK TO TOP

Local Government

Oklahoma Tourism and Recreation Department, Oklahoma City

Breach Type – Unknown, Data Breach

KSWO

  • The department received notification that an unknown person has been claiming to have stolen data from several websites
  • Officials state that the claims were immediately investigated and quarantined
  • Investigations show that information that was potentially impacted was names, dates of birth, mailing addresses, phone numbers, and email addresses
Read More

 
Office of Management and Enterprise Services (Wave System), State of Oklahoma

Breach Type – Hacking, Other

Tulsa World

  • Public school data system was taken offline following cyberattack
  • Network housed school district data for entire state
  • State agency assigned fresh logon credentials to school districts
Read More

 
City of the Village Government, Oklahoma County

Breach Type – Unknown, Ransomware

City Council Minutes

  • Bad actors used ransomware in cyberattack that locked officials out of servers
  • Officials believed that the ransomware had gotten into system through third party access
  • IT personnel were able to restore all data from backups
Read More

 
City of Okemah, Okfuskee County

Breach Type – Unknown, Ransomware

News 9

  • Following an encryption of their network's data the City was forced into a digital lockdown
  • All data was encrypted but remained on servers and networks ransom was demanded in return for encryption keys
  • Bad actors continue to demand more and more payment as time goes on, is believed no public information is in jeopardy
Read More

 
City of Norman, Cleveland County

Breach Type – Hacking, Data Breach

Data Breaches

  • City government forced to disable payment portal after cyberattack
  • Officials stated that other cities had been likewise hit
  • City forced to transfer payment services to new processor
Read More

 
City of Broken Arrow, Tulsa County

Breach Type – Hacking, Data Breach

Gemini Advisory

  • Hackers exploited vulnerability in Superion’s Click2Gov Utility Bill Pay Systems affecting government entities across the U.S.
  • Over 20,000 records from eight cities in five different states have been offered for sale on the dark web
  • City of Broken Arrow one of the eight cities impacted
Read More

 
Oklahoma Law Enforcement Retirement System, State

Breach Type – Hacking, Other

Tulsa World

  • The FBI began to investigate into a hacking that was able to steal $4.2 million in funds for law enforcement retirement pensions
  • An announcement was released 10 days later addressing the attack and investigations following
  • All benefits will continue to be paid and there will be no effect on the timeliness of payments
Read More

 
City of Wilburton Website, Latimer County

Breach Type - Hacking, Other

KOCO News 5

  • Website of small Oklahoma town – compromised by hackers
  • No personal information of citizens accessed by attackers
  • Police leading investigation to determine who hacked website while city works to tighten security
Read More

 
Midwest City, Oklahoma Co.

Breach Type - Other/Vulnerability

DataBreaches

  • Vulnerability remained in Midwest City utility bill pay system
  • Hackers potentially accessed private data through exploitation of vulnerability
  • System managed by third party vendor, Superion
  • 2,300 citizens potentially vulnerable to breach of financial data
Read More

 
City of Tulsa

Breach Type - Hack

News on 6

  • Hackers broke into several city-controlled accounts
  • 6 cloud-based systems compromised
  • City immediately disabled servers
  • Mayor claims the city has mitigated hacks in the past
Read More

 
Oklahoma City

Breach Type - Phishing

K4 News

  • Cyber attack causes network to shut down
  • Email phishing scam potential cause
  • No sensitive data compromised
Read More

 
City of Lawton, Comanche Co.

Breach Type - Virus

KSWO

  • Entire network down, more than 500 computers impacted city-wide
  • Unknown how virus originated
  • Infiltrated networks despite anti-virus software in place
Read More

 
Stillwater

Breach Type - Hack

K4 News

  • Information for 3,000 compromised
  • Unauthorized party accessed a city computer
  • Notified law enforcement and the computer has since been secured
Read More

 
Oklahoma Office of Management and Enterprise Services, Oklahoma Co.

Breach Type - Ransomware

Tulsa Beacon

  • Ransomware attack infected & compromised State of Oklahoma OMES
  • OMES did not pay ransom
  • Incident inspired Oklahoma agencies to implement secure cyber defenses
Read More

 
BACK TO TOP

Medical

Oklahoma City Indian Clinic Data Breach Affects 40,000 Individuals, Oklahoma County

Breach Type – Hacking, Data Breach

OODA Loop

  • "The Oklahoma City Indian Clinic(OKCIC) announced that it had suffered from a data breach that exposed personally identifiable information of roughly 40,000 individuals."
  • "The clinic identified a security incident that affected its computer system on May 12, according to a notice posted on the clinic’s website."
  • "The OKCIC also confirmed that they had enlisted the help of a third-party forensic firm to determine the full impact and scope of the security incident."
  • "An initial investigation confirmed that the unauthorized party that breached OKCIC’s systems was able to access sensitive customer information. This includes data such as treatment information, medial records, names, dates of birth, physician information, Tribal ID numbers, Social Security numbers, health insurance policy numbers, and more."
Read More

 
Affected patients to receive information about DRH data security incident, Stephens County

Breach Type – Hacking, Data Breach

Duncan Banner

  • "Officials with DRH Health, the leading healthcare provider in Stephens County, confirmed Friday, March 4 a data incident dating back to January of this year may have impacted protected health information for some patients."
  • "DRH reported an incident affected on of their servers, although an investigation launched immediately and DRH’s team brought systems back to normal operation within 24 hours."
  • "some information stored outside of the hospital’s “primary electronic medical record system may have been impacted, including names, addresses, demographic information, dates of birth, and some combination of Social Security numbers, medical record numbers, and limited treatment information.”
Read More

 
Harper County Community Hospital Targeted with Ransomware

Breach Type - Unknown, Ransomware

KFOR

  • The Harper County Community Hospital says its computer server was recently compromised by disruptive ransomware
  • The hospital’s workstations and common drives were compromised by an unknown threat actor on Wednesday, March 24,” said hospital officials
  • Harper County Community Hospital says the HIPAA breach potentially affected the health information of over 500 individuals
  • The protected health information that may have been compromised could include any of the following: first and last name, date of birth, home address, patient account number, diagnosis, social security number and health insurance information
  • Harper County Community Hospital mailed notifications to all known individuals whose records were impacted by the ransomware
Read More

 
Oklahoma State University Center of Health Sciences

Breach Type - Hack

Data Breaches

  • Hacker gained access to patients' Medicaid billing info
  • Files did not contain medical records; a single social security number possibly affected
  • No conclusive indication of patient info misuse
  • Implemented additional security measures as precaution
Read More

 
BACK TO TOP

Education

Ponca City Public Schools, Kay County

Breach Type – Unknown, Ransomware

KFOR

  • The districts servers were compromised by a ransomware attack that left data encrypted
  • The school was delayed in starting as the documents must be rebuilt
  • A third party is being worked with in the hopes of future prevention
Read More
News on 6

  • Bad actors found access through a program the school uses called PowerSchool
  • No ransomware was paid and no sensitive student information was exposed
Read More

 
University of Oklahoma, Cleveland County

Breach Type – Unknown, Data Breach

KFOR

  • The University was contacted by their cloud hosting service that a ransomware attack took place
  • The University was exposed in ransomware attack allowing bad actors to gain access to data from their clients
  • It is assured that no sensitive data was exposed
Read More

 
Jay Public School District, Delaware County

Breach Type – Unknown, Malware

Four States Homepage

  • Malware discovered to have infected school computer and network
  • Third party IT personnel were slated to investigate cyberattack
  • School district was assigned legal team and specialist insurance company
Read More

 
Bethel Public Schools, McCurtain County

Breach Type – Unknown, Malware

Countywide & Sun

  • Oklahoma cities were victims of malware cyberattack
  • City of Chandler paid $50,000 ransom, bad actors demanded more money
  • School system forced to utilize non-standard testing practice
Read More

 
Oklahoma City Public Schools, Oklahoma County

Breach Type - Ransomware

News OK

  • The City public school’s systems were compromised by malware
  • To aide in isolating the malware systems were shut down completely also closing off access to emails
  • It had been determined that this malware was instead ransomware asking for the ransom to be paid before restoration
Read More

 
Oklahoma City Public Schools

Breach Type - TDoS/DDoS

Oklahoma News

  • Denial of Service attacks made it impossible to access district’s parent portal website
  • The portal is frequently attacked with DDoS sources citing this attack as the longest duration of DDoS
  • 45,000 students/families, 2,500 teachers, 150 principals/assistant principals, 300 front office staff, 250 central office leaders have access to site and remain affected by attack
Read More

 
Yukon Public Schools

Breach Type - Phishing

News OK

  • Phishing scheme targets Yukon Public Schools
  • Email circulated internally & accessed private information
  • 1,400 potentially compromised victims
  • District offering free credit monitoring for all employees
  • District to implement in-depth cyber security training and confirmation of sensitive info requests
Read More

 

BACK TO TOP