Pennsylvania Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Pennsylvania.jpg
 

Public Safety

Delaware County and Delaware County PD, Delaware County

Breach Type – Unknown, Ransomware

Philadelphia CBS local

  • Delaware county's computer systems were downed after attack from hackers
  • A ransom is demanded to give up control of computer network
  • The county cannot access police reports payroll and other databases and files
Read More
Bleeping Computer

  • Delaware County paid the $500,000 ransom after systems were hit by attacker
  • The County had insurance that was able to pay the $500,000 ransom demanded
  • Sources have told that the DoppelPaymer ransomware gang was behind the attack in that Delaware County had paid the ransom
Read More
WHYY

  • County government paid $25,000 ransom to bad actors
  • Upon payment, bad actor provided decryption tool, list of files stolen
  • Government head advised payment of the ransom
Read More

 
Millcreek Township and Millcreek PD, Erie County

Breach Type – Unknown, Ransomware

Erie News Now

  • The township released publicly that it was the victim of a cyber attack
  • Investigations show it to be a ransomware based attack
  • Bad actors demanded over $250,000 in ransom leading FBI to launch investigations
Read More

 
Luzerne County Government Systems & Sheriff's Office, Luzerne County

Breach Type - Phishing, Malware

Times Leader

  • Luzerne County hit with cyber attack via e-mail attachment that shut down several servers
  • 911 department and emergency management agency unaffected due to utilizing isolated servers
  • Officials were unsure when exactly the virus had infected the system, likely remained dormant for some time
Read More
Gov Tech

  • Servers that were once targeted are assumed to be online and cleared following public release
  • First expected to be restored are the databases and systems associated with the county prison system and other branches
  • The systems were shut down to quarantine and stop any spread of the virus within the network preventing workers uploading onto networks
Read More

 
Chester County Government & 911 Dispatch, Chester County

Breach Type - Malware

Patch

  • Online systems and dispatch were rendered offline in weekend attack
  • Chester County Government has put in full effort to resolve issues
  • Online services are still impacted as progress is being made
Read More

 
City of Allentown

Breach Type - Hack

The Morning Call

  • Malware infects system
  • Shuts down financial & public safety operations
  • Estimated $1M for removal of malware
  • PD cannot access databases controlled by PA state police
Read More

 
Mt. Holly Springs PD

Breach Type - Ransomware

ABC 27

  • Email from “FedEx” leads to exploitation of computer services
  • Hackers demanded $500 in bitcoin
  • Computer was not set up to general server
  • None of the files lost were vital
Read More

 
BACK TO TOP

Local Government

Clearfield County Computer Systems, Clearfield County

Breach Type – Unknown, Malware

The Progress News

  • County computer services, including email, have been taken out following cyberattack
  • Attack disabled county courthouse teleconference systems
  • Officials remained unsure about extent of damage
Read More
Connect Radio

  • County dispatched letters to individuals likely affected by cyberattack
  • Officials determined that personal information was potentially compromised
  • Bad actors posted personal information on their website following attack
Read More

 
Penn Township, York County

Breach Type – Hacking, Other

Government Technology

  • Township government was victim of cyberattack
  • Bad actors were able to steal money from credit account
  • Officials hired third-party contractor to help with investigation
Read More

 
South Eastern Pennsylvania Transit Authority, Philadelphia County

Breach Type – Unknown, Malware

The Philadelphia Inquirer

  • Realtime travel information was disabled by bad actors
  • Officials were uncertain as to whether private information had been accessed
  • Federal law enforcement assisted in the investigation
Read More

 
City of Scranton Non-Emergency Computer System, Lackawanna County

Breach Type – Unknown, Ransomware

WILK Newsradio

  • Non-emergency network hit in ransomware cyberattack
  • Outside cybersecurity specialists assisted in the investigation
  • Officials stated they would advise the public if private information was accessed
Read More

 
Duncannon Borough, Perry County

Breach Type – Hacking, Ransomware

PennLive

  • Bad actors used ransomware in cyberattack on county government
  • Town officials paid tens of thousands of dollars in ransom
  • Backup systems were locked in addition to standard data
Read More

 
Allegheny Intermediate Unit, Allegheny County

Breach Type – Unknown, Ransomware

TRIB LIVE

  • Officials believed private information remained safe
  • Bad actors used ransomware in county hit
  • Officials confirmed an ongoing investigations was underway
Read More

 
City of DuBois, Clearfield County

Breach Type – Unknown, Malware

The Courier Express

  • City computer network disabled in cyberattack
  • Numerous law enforcement agencies investigated
  • IT advised they were working to regain access
Read More

 
Leesport Tax Collector System, Berks County

Breach Type – Hacking, Data Breach

Reading Eagle

  • Tax collector's computer system was hit in data breach
  • Citizens advised to place holds on financial information
  • Local law enforcement investigated breach
Read More

 
Bradford City Hall, McKean County

Breach Type – Unknown, Ransomware

The Bradford Era

  • Majority of city hall's computers destroyed in ransomware cyberattack
  • City officials stated replacement computers had been put in place
  • IT company discovered ransomware had infiltrated city's server
Read More

 
Lebanon County Government Systems, Lebanon County

Breach Type – Unknown, Malware

LebTown

  • The County's computer systems were taken offline once it was discovered there had been an attack
  • It had been released that the systems were disconnected in an act of caution and prevention of further damage
  • 9-1-1 systems were not affected but email systems and their telephone system had been knocked offline
Read More

 
Butler County Federated Library System, Butler County

Breach Type - Unknown, Ransomware

ButlerRadio

  • Following the attack, the county Library continues to maintenance serves in attempts for full restoration
  • From the beginning of detection IT and Library staff continue to work on fixing systems in the hopes of nominal operations
  • It had been discovered that this specific attack was another Ryuk attack following many prior
Read More

 
Philadelphia Court System (First Judicial District), Philadelphia County

Breach Type - Unknown, Malware

Philly

  • The First Judicial Court experienced a virus attack leading them to quarantine systems
  • No data was compromised and all court proceedings occurred nominally
  • Impact was not seen during court operations due to virus being treated immediately now
Read More

 
City of Washington, Washington County

Breach Type - Ransomware

WPXI

  • Computers were shut down in the City of Washington due to a large scale ransomware attack
  • The origin of the virus is still unknown as investigations are still underway over this seemingly isolated incident
  • It is unknown if this was a ransomware based attack as all infected files were removed
Read More

 
State of PA Department of Corrections

Breach Type - Hacking, Data Breach

Fox 43

  • Vulnerability in third party vendor compromised inmate private data
  • Department of Corrections notified of hackers exfiltrating sensitive data
  • 13,791 inmates and employees potentially affected
Read More

 
The Pennsylvania Department of Health

Breach Type - Hacking, Other

DataBreaches

  • Pennsylvania Department of Health internal website hacked
  • Sensitive patient information unaltered
  • Website defacement main goal of cyber attack
Read More

 
Westmoreland Housing Authority, Westmoreland County

Breach Type - Ransomware

TribLive

  • Hackers demand ransom over $40M
  • Cyber-attack rendered phones and computers inoperable
  • Housing authority debating paying ransom or independently restoring servers
Read More

 
Bucks County

Breach Type - Phishing/Other

The Intelligencer

  • Bucks County employee email account compromised
  • Hackers use county email to send malicious attachments
  • Cyber-attack origin unknown
  • Unknown how many people impacted by attack
Read More

 
East Cocalico Township Tax Collector, Lancaster Co.

Breach Type - Hack

The Euphrata Review

  • Tax Collector computer hit with cyber attack
  • Sophisticated hacker traced to Ukraine
  • Investigation ongoing
  • Notified citizens to watch accounts for fraud
Read More

 
Strasburg, Lancaster

Breach Type - Phishing

Fox 43

  • Hackers hit email system 3 times
  • Residents receiving emails from Strasburg offices, encouraged not to open
  • Strasburg office working with IT department to restore its systems
Read More

 
City of Hermitage

Breach Type - Phishing

WFMJ

  • Foreign hackers attempt to trick city finance office into sending money to supplier in Illinois
  • Supplier in Illinois would then wire money overseas
  • Claimed that the city owed $23,000
Read More

 
Bucks County

Breach Type - Phishing

Bucks County Courier Times

  • Bucks Co. Falls victim to malicious phishing campaign
  • PDF attachment infected system with malware"
  • When clicked, would infect victims computer and send out more fraudulent emails
Read More

 
Dauphin County, Harrisburg

Breach Type - Ransomware

NBC News

  • Pennsylvania Senate Democrats hit with ransomware
  • Worked with law enforcement agencies and Microsoft to resolve the problem
Read More
Penn Live

  • Regained access to their work email accounts
  • Wireless service was restored to Senate office
  • Senators' Web sites all appeared to be accessible
  • Microsoft loans laptops as temporary work platform
  • Old hardware cleansed and data restored
Read More

 
Allegheny County

Breach Type - Ransomware

Dark Reading

  • State prosecutor's office paid attackers $1,400 in Bitcoin to free its data
  • Hit with Avalanche botnet network
  • Employee opened a link which infected computer systems
Read More

 
BACK TO TOP

Medical

Phishing Attack at Allegheny Network Impacts 8k, Allegheny County

Breach Type – Phishing, Data Breach

Health Security

  • "Allegheny Health Network (AHN) and its parent company, Highmark Health, announced that a phishing attack had led to potential protected health information (PHI) exposure for approximately 8,000 patients."
  • "An employee was sent a malicious phishing email ink that led to their account being compromised between May 31 and June 1, 2022, the announcement explained."
  • "The threat actor managed to obtain access to some files containing patient names, birth dates, dates of service, conditions, treatment and diagnosis information..."
Read More

 
Family Practice Center discloses a breach from October 2021, Snyder County

Breach Type – Unknown, Data Breach

DataBreaches.net

  • “Family Practice Center (“FPC”) announced that it suffered an attempt to shut down its computer operations on October 11, 2021. That attempt failed and FPC was still able to treat patients and provide service to the community."
  • “Although FPC has no evidence that any information has been misused, out of an abundance of caution FPC is providing notification to patients whose information may have been involved in the incident. The potentially affected information included names, addresses, medical insurance information, and health and treatment information. Patient medical records were not involved in the incident. For a small group of patients, Social Security numbers were involved."
  • “FPC will be notifying potentially impacted individuals of this incident by letter. The letters include information about this incident and what steps those individuals who had their information exposed can take to monitor and protect their information."
  • "FPC are not aware of the misuse of any patient information resulting from this incident."
Read More

 
Jefferson Health data breach exposed billing info of 9,000 patients, Philadelphia County

Breach Type – Hacking, Data Breach

Philly Voice

  • ”Jefferson Health is notifying more than 9,000 patients whose personal information may have been exposed during a privacy breach late last year."
  • ”An authorized person accessed an online portal used by Jefferson staffers to submit billing information to Independence Blue Cross on Nov. 18 and attempted to divert wire payments meant for Jefferson,"
  • "The hacker gained access by impersonating two authorized staff members in order to reset passwords on the portal"
  • "On Nov. 22, the investigation determined the hacker obtained a remittance sheet containing the billing information of 9,095 patients. The data included names, dates of service, treatment codes and costs."
Read More

 
Hackers Target Data at Philadelphia Health-Care Systems

Breach Type – Hacking, Data Breach

GovTech.com

  • "Jefferson Health says a cloud-based database with information on 1,769 patients treated at the Sidney Kimmel Cancer Center was breached in April during a national attack on a software vendor."
  • ”Jefferson Health said that the April hack was limited and that the intruders did not penetrate its main computer system. The breach took place through Elekta Inc., a Swedish company. The company has not said whether the attack involved ransomware or was limited to attempted data theft."
  • "Jefferson Health is mailing letters to patients whose information may have been involved in this incident. Jefferson Health is also providing people whose Social Security number was involved with complimentary credit monitoring and identity theft protection services."
Read More

 
Jefferson Health Cancer Patients' Personal Health Information Compromised in April Hack, Philadelphia County

Breach Type – Hacking, Data Breach

Philadelphia CBS Local

  • "A warning for some Jefferson Health cancer patients: your personal information could be in the hands of hackers."
  • "The health system says the cyberattack involves a vendor called Elekta, which handles patient information for cancer treatments."
  • “We’re told the hackers obtained patients’ names, dates of birth, and some medical information back in April. They also got some patients’ social security numbers."
  • -"Jefferson Health is contacting everyone who is affected and will offer free credit monitoring and identity theft protection to people whose social security numbers were stolen."
Read More

 
Squirrel Hill Health, Allegheny County

Breach Type – Unknown, Malware

PR Newswire

  • Malware discovered after suspicious activity was investigated on February 4th
  • Data compromised includes names, addresses, appointment scheduling details, dates of birth, diagnostic codes, and SSNs
  • Squirrel Healh is in the process of notifying impacted individuals
Read More

 
BioTel Heart, Chester County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • BioTel Health notified patients of a vendor data breach affecting nearly 39,000 people
  • Data compromised includes but is not limited to SSNs, medical records, and contact information
  • BioTel Heart is offering two years of credit monitoring via Equifax in response to the breach
Read More

 
University of Pittsburgh Medical Center, Allegheny County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • UPMC was prompted to begin notifying patients of a potential data breach following suspicious activity
  • Investigations lead discovered the activity was affecting employee email systems June 2020
  • Bad actors were able to log into a number of employee email accounts gaining access to more than 36,000 patients' information
Read More

 
eResearch Technology, Philadelphia County

Breach Type – Unknown, Ransomware

Fierce Biotech

  • Philadelphia company which sells software for clinical trials was hit by ransomware attacked according to the NYT slowing down trials for COVID-19
  • The company had to take its systems offline to allow for FBI and cyber security investigations
  • The attack forced trial researchers to track patients tests with pen and paper causing delays
Read More

 
Einstein Health Network, Philadelphia County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Bad actor was able to gain access to employee email accounts between August 5th and August 17th
  • The incident is still being investigated by the health system and information is being reviewed
  • Over 1,800 individuals were affected by exposure
Read More

 
Independence Blue Cross, Philadelphia County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Bad actors hacked into healthcare provider during cyberattack
  • Officials remained unsure if unauthorized person accessed files
  • Names, identification numbers, spending account balances likely accessed
Read More

 
Everett & Hurite Ophthalmic Association (EHOA), Alleghany County

Breach Type – Phishing, Data Breach

EHOA Public Statement

  • Employee email account used in elaborate phishing cyberattack
  • Dates of birth, social security numbers among stolen information
  • Officials began investigation and response, notified law enforcement
Read More

 
Crozer-Keystone Health System, Delaware County

Breach Type – Unknown, Ransomware

Coin Telegraph

  • Crozer-Keystone suffered a ransomware attack from the "NetWalker" gang that is now auctioning off the stolen data
  • The data was accessed and from analysis it looked like there was no sensitive medical information posted
  • NetWalker claims that the health system never posted ransom hence why the information was posted for auction
Read More

 
Meadville Medical Center, Crawford County

Breach Type – Unknown, Malware

Meadville Tribune

  • Medical center network was disrupted during midst of Covid-19 pandemic
  • Health records and email systems were affected by the unknown malware
  • Patient care remained unaffected, and no delays were reported
Read More

 
Meadville Medical Center, Crawford County

Breach Type – Hacking, Data Breach

Meadville Tribune

  • Bad actors likely accessed private information for employees and dependents
  • Officials believed patient information remained intact and wasn't accessed
  • Federal authorities assisted IT team investigations for the breach
Read More

 
Geisinger Health Plan, Montour County

Breach Type – Phishing, Data Breach

HIPAA Journal

  • Pennsylvania health center was victim of phishing cyber attack
  • Bad actors accessed and stole personal information
  • Officials believed attack was to access email accounts
Read More

 
Ellwood City Medical Center, Lawrence County & Beaver County

Breach Type - Unknown, Malware

Ellwood City Ledger

  • It was announced that the attack, determined to be a virus, had finally been contained
  • There is no signs that any private patient information had been exposed or taken
  • Investigations are continuing in an attempt to prevent any continual occurrences and repeat occurrences
Read More

 
Eurofins Lancaster Laboratories, Lancaster

Breach Type - Unknown, Ransomware

Lancaster Online

  • The ransomware attack lead to the compromise of several facilities causing them to be disrupted
  • Several employees were unable to work due to hardware being corrupted and unusable with this new variant of malware
  • This malware was so largescale it was able to cause disruption across several countries affecting IT systems
Read More

 
The May Eye Care Center & Associates, York County

Breach Type - Ransomware

Data Breaches

  • May Eye Care Center’s server and electronic medical records system compromised in ransomware attack
  • Patient Health information and limited financial information stored on compromised server
  • Hackers potentially breached private information
  • May Eye Care Center notified the affected individuals
Read More

 
Children’s Hospital of Philadelphia, Philadelphia County

Breach Type - Phishing, Data Breach

Children's Hospital of Philadelphia

  • 2 phishing incidents impacted operations at Children’s Hospital of Philadelphia
  • Unauthorized access was detected, and CHOP immediately launched investigation
  • Email accounts contained sensitive PHI, potentially compromising those affected
Read More

 
UPMC Cole, Potter Co.

Breach Type - Phishing, Data Breach

Olean Times Herald

  • 790 patients informed of potential PHI data breach
  • Two phishing attacks targeted UPMC Cole email accounts
  • No medical record systems breached
Read More

 
Women's Health Care Group of Pennsylvania

Breach Type - Ransomware

Healthcare IT News

  • Ransomware infected a server & workstation at one of Women's Health Care practices
  • Officials isolated the infected server & workstation from the network
  • The health system could not determine if patient data was acquired or viewed by hackers
  • 300,000 patients potentially affected by breach
Read More

 
Heritage Valley Health Systems

Breach Type - Ransomware

WPXI News

  • Ransomware attack hits globally, infecting Heritage Valley Health systems in four PA counties
  • Implemented anti-virus software to defend against attack
  • Staff resorted to downtime procedures, making operational adjustments to ensure safe patient care
Read More

 
Pennsylvania Ambulatory Surgical Center

Breach Type - Ransomware

HIPAA Journal

  • Staff members alerted their IT department when they could not access files
  • IT department discovered ransomware infected the servers
  • Restored all systems without paying ransom to hackers
  • Sent breach notification letters to 13,000 potentially affected individuals
Read More

 
Main Line Health

Breach Type - Phishing

Data Breaches

  • Employee fell victim to hack by responding to phishing scheme
  • Affected all personal info of Main Line employees
  • Main Line Health alerted IRS and FBI to pursue investigation
Read More

 
BACK TO TOP

Education

Ringgold Student Data Leak Revealed, Washington County

Breach Type – Unknown, Data Breach

Observer

  • "Some student data was leaked via email last week, Ringgold School District announced Monday."
  • "Upon learning about the accidental release of student data at one of our schools, the district immediately retracted the email from anyone who had not yet opened it."
  • "Distribution of the erroneous email was not distributed outside of that one school’s family community,” Randall said. “In addition, we have added a series of safety steps to ensure a human error of this nature does not occur again."
Read More

 
Moon Area School District investigating 'cyber incident' disrupting computer systems, Lamoille County

Breach Type – Unknown, Malware

WPXI Channel 11 Pittsburgh

  • "A local school district is working to investigate and resolve a disruptive cyber “incident” impacting operations just days before the start of the school year."
  • "We recently began experiencing a cyber incident that has encrypted some of our systems, resulting in a disruption to certain computer systems and operations."
  • "We are working diligently with third-party specialists and government authorities to investigate the source of this disruption, confirm its impact on our systems, and restore full functionality to our environment and operations as soon as possible.”
Read More

 
Superintendent speaks out about cyber security incident at Altoona Area School District, Blair County

Breach Type – Hacking, Malware

WJAC TV

  • "Back in early December of last year the school had an attack on their "routing server" after which they started working with a high-end security software on all of the district servers."
  • "This week district administration was contacted by employees saying they had been informed by their credit monitoring services that their social security numbers or medical identification numbers were found on fraudulent trading websites on the dark web."
  • "The hackers posted on a dark website 10 gigabytes of information that also included students' birth dates and addresses, which were already public information."
  • "The district will be providing employees with "up to" two free years of data security and protection coverage as well as giving out new medical identification cards to their staff."
Read More

 
Authorities investigate ransomware attack in Fleetwood ASD, Berks County

Breach Type – Unknown, Ransomware

WFMZ

  • " Officials at a school in Berks County said their computer systems were attacked by ransomware."
  • "there is no threat to the safety of students or staff and that the systems containing student and financial information are housed off-site and have not been affected."
  • "The district is still working with local law enforcement and the FBI during their investigation."
  • "Currently, this event is still resulting in a disruption to the technology systems of the district."
Read More

 
Harmony's computer system recovering from cyber attack, Clearfield County

Breach Type – Unknown, Malware

The Progress News

  • “Harmony Area School District is recovering from a cyber-attack to the district’s computer network.”
  • “…The district’s system was recently hacked”
  • “Some things remain to be fixed,” he said, adding, “But for the most part we are back up and running.”
  • “…estimated the cost at approximately $5,000, which included expenses for a security upgrade to the system’s hardware.”
Read More

 
Cyber Attack on Pennsbury's Computer System Reported, Bucks County

Breach Type – Hacking, Data Breach

Patch.com

  • "The Pennsbury School District has announced that their computer systems suffered a cyber attack on Sunday."
  • "their internet security monitoring service found a data breach in their systems, which was immediately worked on to mitigate the issue."
  • "No pertinent information regarding students or staff was leaked during the breach. However, the breach will impact email communications and students who are learning remotely."
Read More

 
Butler Community College closes for 2 days after cyber attack, Butler County

Breach Type – Unknown, Ransomware

Pittsburgh Post Gazette

  • "Butler County Community College has closed its main campus and canceled remote classes, online credit classes and noncredit courses due to a ransomware attack"
  • "… the closures will affect classes Monday and Tuesday as the school “restores databases, hard drives, servers and other devices affected by a ransomware attack.”
  • “its information technology division “noticed widespread technical difficulties,” and officials believe the attack originated on Nov. 19. Since then, the IT staff “have worked extensively over the holiday break to address the issue,”
Read More

 
Millersville University, Lancaster County

Breach Type – Unknown, Malware

MSN

  • A public statement released noted that the university had received an external attack on systems
  • The identifiable information on systems has been encrypted since 2019
  • Due to security techniques the university believes the data has not been compromised
Read More
Fox 43

  • The university president announced in a campus-wide email that some student's information was exposed
  • Affected individuals will be given notice and resources in accordance with state law
Read More

 
Juniata College, Huntingdon County

Breach Type – Phishing, Data Breach

Data Breaches

  • Officials uncertain if bad actors gained access to confidential information
  • Possible leaked data includes bank, passport, and medical information among others
  • Statement was released about incident and steps for individuals to take
Read More

 
Wyoming Area School District, Luzerne County

Breach Type – Unknown, Ransomware

The Citizen’s Voice

  • School district forced to pay $38,000 ransom to bad actors
  • Officials believed the attack originated in Iran or India
  • Payment likely encouraged other bad actors
Read More

 
Wallenpaupack Area School District, Pike & Wayne Counties

Breach Type – Unknown, Ransomware

Neagle

  • School district attacked second time this year, led to shutdown of 3,000 computers
  • Officials with the school confirmed they had been hit with ransomware
  • Superintendent advised that no personal information had been leaked in the attack
Read More

 
Ridgway Area School District, Elk County

Breach Type – Unknown, Ransomware

Brad Fordera

  • The district suffered a virus attack but no data had been compromised
  • Files were encrypted as the virus spread on the servers, no confidential data was accessed
  • Extra help was requested to ensure the school year starts as normal
Read More

 
Newport School District, Perry County

Breach Type - Phishing, Malware

Penn Live

  • Computers were infected by a virus that came through an email
  • The virus was hidden among a marketing scheme compromising staff information
  • It took several weeks to fix and no student information was compromised
Read More

 
Franklin Regional High School

Breach Type - DDoS/Other

Bleeping Computer

  • Student purchased BetaBooter, an IP stressing platform, to launch DDoS attacks on high school
  • Attacks targeted Franklin Regional - affecting over a dozen school districts on shared server infrastructure
  • DDos interrupted the network from 10-45 minutes every time
Read More

 

BACK TO TOP