Oregon Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Oregon.jpg
 

Public Safety

Washington County Sheriff's Office, Washington County

Breach Type – Hacking, Other

KOIN
June 11th, 2020
  • Fake email sent by bad actors called for Sheriff's resignation
  • Officials promptly released an apology and launched an investigation
  • Email was sent to all contacts on the Sheriff's Office's listserv
Read More

 
Tillamook County & Tillamook County Sheriff’s Office, Tillamook County

Breach Type – Unknown, Malware

OPB
January 24th, 2020
  • County government website, computers, and phones all taken out by cyberattack
  • Officials stated that all departments county-wide had been affected
  • Private data and personal information remained safe despite attacks
Read More
Bend Bulletin
March 12th, 2020
  • $300,000 ransom was paid in an attempt to regain access in January
  • Many attempts were made to avoid ransomware payments but in the end it was determined that the payment had to be made
  • The cyber attack resulted in encrypted backups all caused by bad actor group called REvil
Read More

 
City of St. Helens & St. Helens Police Department, Columbia County

Breach Type – Unknown, Malware

The Chronicle Online
January 22nd, 2020
  • Police department, city hall, library and many others victim of cyberattack
  • Phone systems and emails remained offline following malware hit
  • Emergency dispatch and 911 remained active despite attack
Read More

 
Crook Counry Sheriff's Office Jail Website, Crook County

Breach Type – Hacking, Other: Website Defacement

KTVZ
August 4th, 2019
  • Visitors to the government website had noticed a note stating that it was hacked by Iranian hackers
  • It was another hacktivist group that boasted on its anti-government stance
  • The hack had not affected any major operations of the Sheriff’s office and acts more as a nuisance to be fixed
Read More

 
North Bend Police Department & City of North Bend, Coos County

Breach Type - Ransomware

The World Link
December 7th, 2018
  • Hackers targeted North Bend Police Department with ransomware
  • Ransom note demanded $50,000 in Bitcoin
  • The malware spread to the City of North Bend’s server
  • Two encryption keys were necessary to unlock all systems
  • FBI traced ransomware back to Romania but the identity of the hackers remains unknown
Read More

 

BACK TO TOP

Local Government

Oregon Department of Transportation Data Accessed as Part of Global MOVEit Hack; 3.5 million DMV records compromised, State of Oregon

Breach Type – Hacking, Data Breach

WBALTV.com
June 15th, 2023
  • “The Oregon Department of Transportation is among many organizations affected by a data breach inflicted by a global hack of the data transfer software MOVEit Transfer. This ODOT data includes personal information for approximately 3.5 million holders of Oregon ID or driver’s licenses."
  • ”On Thursday, June 1, 2023, the Cybersecurity and Infrastructure Security Agency issued a zero-day vulnerability alert stating that PSC had released a security advisory for MOVEit Transfer, and that the software had a vulnerability which could allow an attacker to “take over an affected system.”
  • "Our analysis identified multiple files shared via MOVEit Transfer that were accessed by unauthorized actors before we received the security alert."
  • ”On Monday, June 12, ODOT confirmed that the accessed data contained personal information for approximately 3.5 million Oregonians. While much of this information is available broadly, some of it is sensitive personal information.
Read More

 
Curry County experiences ransomware attack, impacting internal systems

Breach Type – Unknown, Ransomware

FOX 26
May 11th, 2023
  • “Curry County says its been hit with a ransomware attack. On April 26, an organization called the ‘Royal Ransomware Group’ attacked county servers."
  • “Now its having difficulty accessing internal documents, according to the county.”
  • "Many systems and data are also temporarily unavailable, including email services, according to Curry County.”
  • ”With the special election less than a week away, the county said the vote counting process and the integrity of the election will not be impacted.”
Read More

 
Hacker fails to wrest any ransom from Oregon City during network attack, Clackamus County

Breach Type – Hacking, Ransomware

Oregon City News
February 27th, 2023
  • “Oregon City officials are beefing up protections against network attacks and still determining how much forensic and legal fees are being spent after a hacker recently disrupted city services."
  • “The hacker had gotten stuck behind Oregon City’s network firewalls and had demanded a ransom even through the hacker was not able to access the city’s network. Oregon City didn’t pay the ransom; officials shut down parts of the network as a precaution, then carefully began turning them back on with backed up data.”
  • ”Extra costs to Oregon City for hiring third-party specialists brought in to assist are still being tabulated and will be billed to the city’s insurance.”
  • ”More than two weeks after Oregon City officials announced that city employees were unable to access “certain” online files, basic city services were still being affected by what they were simply calling a “network disruption,” declining to discuss the hacker at the time out of concern for protecting the ongoing investigation.”
  • ”In addition to the city’s previously reported inability to issue land-use permits due to the computer problems, Oregon City had to cancel a City Commission meeting on Feb. 15 and was unable to process supposedly automatic payments through utility customers’ bank drafts.”
Read More

 
County computers back online after Jan 24 ransomware attack, Linn County

Breach Type – Unknown, Ransomware

Sweet Home News
February 1st, 2022
  • “Linn County public services are coming back online after a ransomware attack was identified early Monday morning, Jan. 24, according to Administrative Officer Darrin Lane.”
  • “County IT staff members are working extended hours to restore critical systems including servers and individual computers.”
  • “About 6 a.m. Monday, county staff learned that some computers were being encrypted and immediately shut down servers and computer systems.”
  • “The Linn County Sheriff’s Office and Health Department were not affected.”
Read More

 
Jackson County's Website, Jackson County

Breach Type – Unknown, Ransomware

Mail Tribune
November 18th, 2020
  • Ransomware used by bad actors in cyberattack
  • County government website was taken out in hit
  • Officials stated that internal county systems and data remained intact
Read More

 
City of Keizer, Marion County

Breach Type – Unknown, Ransomware

Keizer Times
June 17th, 2020
  • City officials forced to pay $48,000 to bad actors following cyberattack
  • Ransomware locked access to data and various programs on government servers
  • Officials hoped investigation could help mitigate any future risks
Read More

 
Oregon Department of Human Services, State of Oregon

Breach Type – Phishing, Data Breach

KTVZ
March 20th, 2020
  • Oregon DHS officials discovered phishing-related data breach
  • Officials unwilling to disclose extent of breach
  • Department forced to notify public due to unauthorized access
Read More

 
Klamath Veteran Service Office, Klamath County

Breach Type – Phishing, Data Breach

KTVL
January 5th, 2020
  • County veteran service office victim of cyberattack
  • Bad actors gained unauthorized access to employee email
  • Officials investigated and discovered bad actors
Read More

 
City of Bend, Deschutes County

Breach Type – Hacking, Data Breach

Data Breaches
January 7th, 2020
  • Residents making utility payments were victim of cyberattack
  • City's payment software was infiltrated by bad actors
  • Officials worked with local and federal law enforcement
Read More

 
Oregon Judicial Department, State of Oregon

Breach Type – Phishing, Data Breach

Mail Tribune
August 30th, 2019
  • A phishing scheme exposed information of over 6,000 people after hackers gained access to five employee accounts
  • Within three hours the attack was stopped prompting the department to launch an investigation on the impacts of this breach
  • Information that was exposed contained sensitive information relating to financial payment information and some social securities and dates of birth
Read More

 
Oregon Health Authority & Oregon State Hospital, State

Breach Type - Phishing, Data Breach

Data Breaches
May 13th, 2019
  • A cyber attack had managed to gain access to an employee’s email account that had sensitive information regarding patients
  • It is unknown how or if the data has been manipulated, leaving the state to notify the patients about this potential security breach
  • Over 1.400 people are served by the hospital per year
Read More

 
Oregon Department of Human Services, State

Breach Type - Phishing, Data Breach

Kansas City
March 21st, 2019
  • Oregon Department of Human Services victim of data breach, exposed nearly 1.6 million people's personal information
  • Attack happened in January via phishing link in employees' email
  • Department is unsure exactly how many people were affected, nearly 2 million employee emails were vulnerable during attack
Read More

 
Klamath County

Breach Type - Phishing, Data Breach

Herald and News
July 25th, 2018
  • Two employees at Klamath County fell victim to phishing scheme
  • Phishing email prompted employees to enter credentials into online form
  • Only county employee data affected in breach
Read More

 
City of Medford, Jackson Co.

Breach Type - Other, Data Breach

KDRV
July 23rd, 2018
  • Superion's Click2Gov utility bill pay system contains major vulnerability
  • Vulnerability serves as open door for hackers
  • Hackers potentially breach Medford residents' private information
Read More

 
Oregon State Employee

Breach Type - Phishing

Oregon Live
June 19th, 2018
  • Oregon state employee falls victim to phishing scam
  • Malicious link hijacked employee's PC
  • Sent 8 million spam messages from oregon.gov domain
  • Email domain blacklisted by several private email providers
Read More

 
City of Portland, Multnomah County

Breach Type - Hack

Oregon Live
May 18th, 2018
  • Portland's Chief Technology Officer notifies city officials of compromised email accounts
  • Hacking attempts may have been successful
  • City technology staff researching potentially affected data
Read More

 
Klamath County

Breach Type - Phishing

Herald & News
March 20th, 2018
  • County confirmed data breach after Nigerian phishing scam
  • County has stepped up security to combat future attacks
  • Employees credentials were stolen by hacker in Nigeria
Read More

 
Oregon Secretary of State

Breach Type - Hack

US News
September 22nd, 2017
  • Russian government tried but failed to access Secretary of State's computer
  • Oregon learned about attempt from US Department of Homeland Security
  • Hack took place during 2016 Election
Read More

 
Oregon Department of Environmental Equality

Breach Type - Hack

Oregon Live
May 19th, 2017
  • Hack poked holes in server
  • No sensitive information believed to be compromised
  • Taken steps to protect its servers/information
Read More

 
Business Registry and Finance

Breach Type - Hack

Route Fifty
February 27th, 2017
  • Websites hacked in 2014
  • Since then improvements auditing structural gaps have been made
  • A Center for Cyber Excellence has been established
Read More

 
Department of Fish and Wildlife

Breach Type - Hack

KTVL
August 26th, 2016
  • Breach of online system to purchase fishing/hunting license
  • Investigating whether personal info was compromised
  • System has been shut down until further notice
Read More

 
BACK TO TOP

Medical

Data breach affects 1.7 million Oregon Health Plan members, Marion County

Breach Type – Hacking, Data Breach

The Observer
August 2nd, 2023
  • “Members of Oregon Health Plan are urged to monitor their credit after hackers accessed the personal information of an estimated 1.7 million members.”
  • ”A company called PH Tech, which contracts with health care providers, announced the breach Wednesday, Aug. 2.”
  • “Hackers once again exploited a known security issue in file transfer software called MOVEit.”
  • ”In June, the same security issue led to an Oregon DMV data breach that affected more than 3 million Oregonians. Banks around the world, including Umpqua Bank, were also targeted.”
Read More

 
Digital Health Company Suffers Breach, 103K Impacted, Linn County

Breach Type – Unknown, Data Breach

Health IT Security
June 22nd, 2023
  • “Digital health company Kannact disclosed a breach to HHS that impacted 103,547 individuals. According to a breach notice posted on the company’s website, Kannact discovered that an unauthorized party had gained access to its network on March 13."
  • “Kannact launched an investigation and engaged a cybersecurity firm. The investigation is ongoing but preliminary results found that names, dates of birth, phone numbers, Social Security numbers, driver’s license numbers, and protected health information (PHI) were potentially exposed. Not all impacted individuals had their Social Security numbers and driver’s license numbers exposed.”
  • ”Kannact has since disabled access to a third-party managed file transfer software and deactivated all related API keys.”
Read More

 
Radiology practice suffers ‘significant’ cyberattack, Jackson County

Breach Type – Unknown, Data Breach

Radiology Business
June 1st, 2023
  • ”An Oregon radiology practice suffered a “significant” cyberattack over the Memorial Day weekend, according to published reports. Medford Radiology Group has retained a team of computer forensics experts to help aid in its response. The 75-year-old practice also has alerted partner organizations such as the Asante and Providence hospital systems after learning of the incident on May 26.”
  • ”We are utilizing all available resources to offer radiology services and patient care to the extent possible while our experts and the Medford team work as quickly as possible to fully restore operations,” the practice said in a statement shared with local media outlets. “We appreciate your patience as we conduct our investigation and respond to this incident.”
  • “The southern Oregon-based group said the attack had left it unable to view or report on images. Leaders were still uncertain of the full scope of the problem as of May 30, NBC noted. Medford Radiology employs about 20 physicians providing services to more than a dozen locations, according to its website.”
Read More

 
Trillium Community Health Plan, Lane County

Breach Type – Hacking, Data Breach

Data Breaches
March 7th, 2021
  • Accellion notified the Heath Plan that it had experienced a breach
  • This caused exposure of patients' names, dates of birth, insurance ID numbers, and health information
  • The number of exposed was not released and letters were sent out offering credit and identity monitoring services
Read More

 
Sky Lakes Medical Center, Klamath County

Breach Type – Unknown, Ransomware

Becker's Hospital Review
October 28th, 2020
  • Sky Lakes Medical Center computer systems were rendered useless by ransomware attack
  • Hospital reported the computer systems are down due to the attack and communication is complicated during the downtime
  • Hospital still filling prescriptions and offering emergency and urgent care services
Read More

 
Providence Health Plan , Multnomah County

Breach Type – Unknown, Data Breach

Becker's Hospital Review
July 8th, 2020
  • Medical coding error allowed bad actors into system
  • Healthcare provider notified state Health and Human Services Department
  • Information contained employer and member names
Read More

 
Native American Rehabilitation Association of the Northwest, Multnomah County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review
January 9th, 2020
  • Numerous employees of healthcare facility were victim of phishing
  • Bad actors utilized Emotet malware against tribal healthcare provider
  • IT officials installed additional protections to monitor computers
Read More

 
Family Tree Relief Nursery, Linn County

Breach Type - Ransomware

Oregon Live
November 16th, 2018
  • Organization’s computer hacked with ransomware
  • The incident prevented staff from accessing client information
  • 2,000 clients notified by mail that unauthorized persons accessed computer programs
Read More

 
Legacy Health, Multnomah County

Breach Type - Phishing, Data Breach

Oregon Live
August 20th, 2018
  • Legacy Health employees fall victim to email phishing scheme
  • 38,000 patients potentially affected by data breach
  • PHI & financial data may be at risk
Read More

 
Care Partners Hospice and Palliative, Hillsboro – Washington Co.

Breach Type - Hack

Hillsboro Tribune
May 25th, 2018
  • Hackers targeted Washington Co. Medical practice
  • Credentials stolen from employee email account
  • 600 patients potentially compromised in the breach
Read More

 
The Oregon Clinic, Multnomah County

Breach Type - Hack

DataBreaches
May 9th, 2018
  • Hackers infiltrated an employee email account
  • Private information of patients possibly exposed to hacker
  • The Oregon Clinic advises those potentially affected to monitor their personal data
Read More

 
Southwest Portland Dental

Breach Type - Accidental Data Breach

Data Breaches
September 2nd, 2016
  • Unauthorized individuals gained access to Dental network through a trusted third-party vendor
  • Affected site was used to transfer data
  • No evidence surfaced of unauthorized access/misuse of info
  • Southwest Portland Dental notified patients that private data could be exposed
  • Reported to law enforcement and investigation is ongoing
Read More

 
BACK TO TOP

Education

Attacked by Vice Society earlier this month, Lewis & Clark finds files with personal information have now been leaked, Multnomah County

Breach Type – Unknown, Data Breach

DataBreaches.net
March 31st, 2023
  • "It appears that Lewis & Clark in Oregon has been the victim of a ransomware attack by Vice Society.”
  • "On March 23, the college issued a notice on its site, referring to a “security incident” but never mentioning the word “ransomware” or reporting the receipt of any ransom demand:."
  • "Classes and events on campus are continuing as scheduled.”
Read More

 
Centennial School District, Multnomah County

Breach Type – Hacking, Ransomware

Oregon Live
April 26th, 2021
  • Two days of classes were cancelled because of a ransomware attack
  • No word on what kind of data may have been compromised
  • The school district took its systems offline out of an abundance of caution and is working with authorities
Read More

 
Treasure Valley Community College, Malheur County

Breach Type – Hacking, Data Breach

PR Newswire
December 29th, 2020
  • Community college was victim of cyberattack
  • Officials believed private personal information may have been accessed
  • Information likely included student ID numbers, Social Security numbers, and dates of birth
Read More

 
Oregon State University, Benton County

Breach Type – Unknown, Data Breach

Data Breaches
September 3rd, 2020
  • Bad actors were able to access servers containing both faculty and student sensitive information
  • It is unknown if the information was used in a malicious manner at this time
  • Students were contacted about the breach as the University continues to monitor the servers
Read More

 
Oregon State University, Benton County

Breach Type - Phishing, Data Breach

Oregon State
June 14th, 2019
  • Over 500 student records and family records were exposed following a cyber attack
  • An employee email account was compromised and exploited as hundreds of phishing emails were sent from this affected account
  • Upon investigation it was realized that this account had the private information from many students and their family
Read More

 
Lake Oswego School District, Clackamas County

Breach Type - Phishing/Other

KOIN 6
July 6th, 2018
  • Hackers target Lake Oswego School District Twitter page & employee email account
  • Employee email compromised by hackers & used to distribute spam emails to students of district
  • Inappropriate tweets launched by hackers via Lake Oswego District Twitter page
  • District acted to warn students and deactivate Twitter account
Read More

 
Roseburg Public Schools District, Douglas County

Breach Type - Ransomware

NR Today
May 7th, 2018
  • Roseburg Public Schools District falls victim to ransomware attack
  • Malware blocked district's email, website, and software
  • District took steps to neutralize attack
  • No personal data compromised
Read More

 
Southern Oregon University

Breach Type - Phishing

Tripwire
June 13th, 2017
  • Southern Oregon University falls victim to Business Email Compromise (BEC) scam
  • Hackers posed as trusted construction vendor
  • University sent $1.9M to hackers
Read More

 
Redmond School District

Breach Type - Ransomware

KTVZ
February 24th, 2017
  • Hacker poses as superintendent in a spear-phishing scheme
  • Employee emailed all W-2 information to hacker
  • No immediate misuse of employee information
  • District notified potentially affected individuals
Read More

 
Grant County Education Service District

Breach Type - Ransomware

Blue Mountain Eagle
May 25th, 2016
  • Ransomware encrypts Grant County Education Service District through malicious email attachment
  • Attack shutdown county/school emails, & internet operations
  • Ransomware identified as .LOL! variant
  • District's anti-virus and security software were not enough to stop attack
Read More

 

BACK TO TOP