Public Safety

City of Knoxville, Knoxville Police & Fire Department Computer Systems, Knox County

Breach Type – Unknown, Ransomware

WBIR
June 11th, 2020

The city's network was hit by ransomware causing a shutdown and investigations to start up
Officers were resorting to pen and paper methods to fill out reports but the computer network was inaccessible
Emails were also affected making communication between personal to be difficult

Lawrence County Sheriff’s Office, Lawrence County

Breach Type – Unknown, Ransomware

FOX 17
April 28th, 2020

Ransomware used by bad actors in cyberattack
County Sheriff's Office E-911 system was hit
CAD and license plate checks among affected systems

Coffee County Sheriff’s Department & Jail, Coffee County

Breach Type - Unknown, Ransomware

On Target News
April 6th, 2020

County jail was victim of ransomware cyberattack
State law enforcement agencies assisted with investigation
Arrest, booking, and sentencing records were locked

Manchester Times
April 7th, 2020

County sheriff confirmed ransomware was used
Employees discovered bad actors moving files
Officials were worried arrest records would be altered

Spring Hill City & 911

Breach Type - Ransomware

WKRN
November 8th, 2017

Starts as a city hack
Employee opens infected email
Hackers demand $250,000
Dispatchers most affected, writing info on notepads

WKRN
November 13th, 2017

Citizens unable to make online payment for 10 days
Hack shut down all mobile data terminals in police cars

SC Magazine
November 16th, 2017

Public safety and city emails will be restored first
No information has been removed by hackers

Henry County 911 Systems

Breach Type - Ransomware

Paris Post Intelligencer
July 19th, 2017

Department of Homeland Security named Henry County as one of many cyber attacks
Virus infected the Computer Aided Dispatch System
Dispatchers could take calls, not locations
Passwords of computer programs not strong enough

Murfreesboro Police & Fire Dept. Hit

Breach Type - Ransomware

The Tennessean
July 5th, 2017

WannaCry ransomware
19 computers and 2 file servers were down
Most affected data is not retrievable, however no significant files lost

Dickson Sheriff’s Office Pays Ransom

Breach Type - Ransomware

The Tennessean
November 11th, 2014

Read More

Local Government

Officials investigate after Tipton County cyber attack

Breach Type – Hacking, Other

WREG News
November 16th, 2022

”Tipton County officials are checking administrative bank accounts after a cyber attack compromised at least three county credit cards.”
"According to an incident report, Maxwell’s government-issued email was hacked and pertinent information such as receipts and bank documents were compromised. It says the hackers tried to establish a line of credit using personal information found in her email account.”
”A sheriff’s office credit card along with two other county cards had to be closed due to attempted fraudulent charges, according to the report. Thankfully, as of now, it does not appear the hackers were able to get away with any money.”

Statement on Jobs4TN.gov Service Outage, State of Tennessee

Breach Type – Unknown, Malware

Department of Labor and Workforce Development
June 9th, 2022

“Geographic Solutions (GSI), the vendor that operates Jobs4TN.gov, notified the Tennessee Department of Labor and Workforce Development (TDLWD) Sunday afternoon about a service interruption that impacted its network operations.”
“Until Jobs4TN.gov resumes normal operation, TDLWD cannot access claimant data to make weekly unemployment benefit payments.”
"Approximately 12,000 Tennesseans rely on the unemployment program each week, as well as citizens using the workforce development aspects of Jobs4TN.gov. TDLWD leadership understands the importance of the programs accessed through the system and their impact on Tennessee’s workforce…”
“The Department will distribute benefits as soon as possible, right now there is no timeline as to when that will happen. Once the system is operational, claimants can complete their certifications for any missed weeks, and they will receive a lump sum for any delayed payments.”

Montgomery County Government, Montgomery County

Breach Type – Unknown, Data Breach

Clarksville Now
September 25th, 2020

County government was rendered offline in recent attack
Public unable to use website until further notice following cyber attack
Emails and other systems of contact are greatly affected

Clarksville Now
September 27, 2020

County governments’ systems were rendered offline over the weekend
Accessing network currently unavailable following discovery of cyber attack
Law Enforcement has been notified of attack and investigations have been launched

Leaf Chronicle
September 28th, 2020

Following the weekend outage, systems are back up and running
Cyber attack prevented access to county government's network
Preventative measures are now being taken to increase government’s systems security

Johnson City & Johnson City Police; Washington, Carter, & Sullivan Counties

Breach Type – Unknown, Ransomware

Johnson City Press
October 21st, 2019

City officials discovered note from hackers that data had been locked
City hit with ransomware cyberattack, left city recovering
IT officials stated that backup plans were in place, unlikely hackers gained any data

Johnson City Press
October 22nd, 2019

Officers were forced to issue pen and paper summonses
Locked files remained on affected computers, despite re-imaging
Officials advised that they had been prepared

Murfreesboro Water Department Bill Payment Portal, Rutherford County

Breach Type – Hacking, Other: Website Defacement

News Channel 5
August 3rd, 2019

Murfreesboro Water Department victim of hacking incident
Officials claimed attack was isolated to online bill payment service
Online bill pay service taken offline while officials worked on resolution

City of Collierville, Shelby County

Breach Type - Unknown, Ransomware

Fox 13 Memphis
July 18th, 2019

It was announced that the city is under attack by ransomware
The city had not released much information on how the attack has played out but currently several files are being blocked from access
As the attack was being accessed not much information has been acquired, operations are maintained as normal

Sevier County

Breach Type - Ransomware

The Mountain Press
May 24th, 2018

Sevier County admits computers down due to ransomware attack
Hack infected computers for several days
Sevier worked to restore systems

Knox County Election Commission's Website

Breach Type - Hack

WBIR
April 30th, 2018

During Knox County elections, hackers launch DDoS attacks on Election Commission's website
Election results delayed; however, not compromised/altered
Knox Co. Election officials manually printing and relaying election results to local news sources

Hendersonville, Sumner County

Breach Type - Phishing

Post and Courier
December 15th, 2017

Hendersonville employee falls victim to phishing scheme
Employee entered credentials into malicious website
Hackers infiltrated email account and sent phishing emails to employee's contacts

TN Comptroller’s Office

Breach Type - Hack

WSMV
July 14th, 2017

Moroccan Islamic Union-Mail claims responsibility for posting threats to website
Hackers posted notice on the Comptroller’s website
Website taken offline until IT support could thoroughly examine incident

Springfield, Robertson County

Breach Type - Ransomware

The Tennessean
September 20th, 2016

Ransomware virus hijacks city hall computer
No customer data lost during attack
Did not pay $1,000 ransom
Wiped servers and reinstated data from backup servers

Anderson County

Breach Type - Hack

Wate.com
August 10th, 2016

Security breach
More than 1,800 people could be affected
Breach could compromised personal information

Medical

Mississippi Health-Care System Reports Data Breach, Williamson County

Breach Type – Unknown, Data Breach

GovTech
March 9th, 2023

"Community Health Systems said in a press release that protected information such as names, addresses, insurance information, medical information, birth dates and social security numbers of patients and employees may have been disclosed during the breach."
"According to an SEC filing, the company estimates information about 1 million individuals may have been affected by the security breach. The company hasn't responded to questions about how many of those people were from Mississippi."
”The data breach occurred between Jan. 28, 2023, and Jan. 30, 2023.”
”Patients who think they may have been affected by the 2023 breach can enroll in an Experian credit monitoring service provided by CHSPSC at no cost for 24 months, as required by state law.”

Tennessee health system reports RCM vendor data breach., Shelby County

Breach Type – Unknown, Data Breach

Becker Hospital Review
February 20th, 2023

”Tennessee health system reports RCM vendor data breach"
"On Dec. 15, Reventics learned that an unauthorized party accessed its servers and launched an investigation into the incident.”
”The investigation determined that on Dec. 27, the unauthorized party had transferred files from its system, including files that contained patient information from Regional One, according to a Feb. 14 breach notification from Regional One..”
”The files contained patient information such as names, patient addresses, dates of birth, Social Security numbers, medical record numbers, patient account numbers, financial information, driver's license, and more."
”The RCM vendor did not mention how many people were affected by the breach, but said it has contained the incident, as well as implemented new technical safeguards in order to prevent another incident.”

Healthcare giant CHS reports first data breach in GoAnywhere hacks, Williamson County

Breach Type – Hacking, Data Breach

Bleeping Computer
February 14th, 2023

"Community Health Systems (CHS) says it was impacted by a recent wave of attacks targeting a zero-day vulnerability in Fortra’s GoAnywhere MFT secure file transfer platform.”
"The healthcare provider giant said on Monday that Fortra issued an alert saying that it had "experienced a security incident" leading to some CHS data being compromised."
"A subsequent investigation revealed that the resulting data breach affected the personal and health information of up to 1 million patients.”
”With regard to the PHI and PI compromised by the Fortra breach, the Company currently estimates that approximately one million individuals may have been affected by this attack.”
”CHS is a leading healthcare provider that operates 79 affiliated acute-care hospitals and over 1,000 other sites of care across the United States.”

HCMC Addresses Third Party Data Breach, Henry County

Breach Type – Hacking, Data Breach

Henry County Medical Center News
June 20th, 2022

"MCG Health, a contracted third-party that Henry County Medical Center utilizes, recently reported they have experienced a data security breach."
"However, because patient information is shared with MCG Health in the process of caring for our patients, some HCMC patients could be impacted by this breach."
"MCG Health determined that an unauthorized party previously obtained personal information that matched data stored on MCG’s computer systems. The personal information may include some or all of the following: names, Social Security number, medical codes, postal addresses, telephone number, email addresses, dates of birth, and gender."
"Those affected by this breach have or will be receiving a letter from MCG with further details. In this letter, those affected will be offered identity protection and credit monitoring services for two years at no cost."

Ballad Health: Some patient information may have been accessed in data breach, Washington County

Breach Type – Hacking, Data Breach

WHJL News Channel 11
April 8th, 2022

“Ballad Health provided notice of a “data privacy incident” on Friday."
“The healthcare system said that in January an investigation began after unusual activity was noticed on an employee’s e-mail account. On Feb. 17, it was determined that the employee’s e-mail account was accessed without authorization for a “limited” amount of time"
“Ballad says it was not possible to determine which messages or attachments may have been accessed or viewed without permission, but out of an abundance of caution, a manual review of the account’s contents was performed in order to see whether sensitive information was contained in them."
"The statement says that the types of personal information that could have been accessed include: Name, Address, DOB, Medical History, Medical Condition, Treatment information, Medical record number, Diagnosis code, Patient account number."
"Since the event, Ballad says it has taken steps to secure the employee’s e-mail account. The statement also says the company is continuing to educate its workforce on the importance of security regarding Ballad’s email system and have altered state and federal regulators to the incident."

Personal info system breached during 'cyber incident' at Children’s Hospital, Knox County

Breach Type –Unknown, Malware

ABC 6 WATE
April 6th, 2022

"East Tennessee Children’s Hospital is working to determine the scope of a cyber incident that may have led to personal information within ETCH’s system being compromised."
“On March 13, unusual activity was found by ETCH on its network. By the end of that week, ETCH determined some of the documents stored within the system may have been copied or viewed during the cyber incident between March 11-14. "
“The investigation determined that the unauthorized individuals removed certain files and folders from portions of the network"
"The system contained the following types of information at the time: names, dates of birth, Social Security numbers, driver’s license or state identification numbers, non-resident identification numbers, other demographic information, medical information, health insurance information, credit or debit card information, financial information, billing information, other personal health information, and usernames and passwords."
“As their investigation continues, ETCH plans to contact potentially affected individuals and provide information on steps to protect their personal information.”

Centerstone of Tennessee, Davidson County

Breach Type – Phishing, Data Breach

WSMV
October 24th, 2020

Investigations into security incident started after employee noticed unusual activity involving their email account
Forensic firm found current and former Centerstone patients and employees’ personal information was exposed in cyber attack
Information that may have been exposed includes name, date of birth, Social Security, driver’s license, medical diagnosis, health care information and more

Tennessee Orthopaedic Alliance, Davidson County

Breach Type - Phishing, Data Breach

Data Breaches
February 26th, 2020

Employee email account accessed by unauthorized party
Over 81,000 patients were notified of the breach
Names, birthdates, Social Security information among leak

SouthEast Eye Specialists Group, Williamson County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review
January 15th, 2020

Employee email account accessed by bad actor via phishing
IT officials investigated the cyberattack
Officials unable to confirm if private information was accessed

Alive Hospice, Davidson County

Breach Type – Phishing, Data Breach

Health IT Security
July 8th, 2019

After unusual activity was found connected to 4 employee email accounts, Alive Hospice changed the accounts’ passwords and contacted forensic investigators
Email accounts impacted had a total of 10,893 patient records and other personal information which varied by account
Evidence of exfiltration was not found, but could not be ruled out

Aspire Health, Davidson County

Breach Type - Phishing, Data Breach

Tennessean
September 25th, 2018

Aspire health employee fell victim to phishing attack
Hackers exfiltrated some patient data, forwarding private emails to an external account
The health company immediately locked the compromised account

Alive Hospice, Davidson Co.

Breach Type - Phishing, Data Breach

Data Breaches
July 14th, 2018

Alive Hospice employees fall victim to phishing attacks
Protected Health Information potentially accessed by hackers
Alive offered identity protection services to its patients

Smith Dental

Breach Type - Ransomware

Data Breaches
February 7th, 2018

Smith Dental falls victim to ransomware
Addressed attack on their webpage, believing no patient data was compromised
Out of precaution, advises patients to monitor personal info.

Decatur General Hospital

Breach Type - Cryptomining/Hack

Data Breaches
February 7th, 2018

Hackers install cryptomining malware on Decatur's server
The EMR vendor housing the server, promptly notified Decatur
Hackers did not target patient data in any way
Out of precaution Decatur notified patients of incident

Medhost Website

Breach Type - Ransomware

HIS Talk
December 19th, 2017

Hackers target Medhost website, posted public ransom note online
Threatened to sell private patient data on dark web, if they did not receive ransom
Threatened to participate in media release on the general vulnerabilities of HIPAA
Medhost restored website and did not acknowledge the hack
Hackers continually targeted Medhost, forcing them to restore systems on multiple occasions

PrimaryCare Specialists, Inc.

Breach Type - Ransomware

Local Memphis
February 27th, 2017

Hackers infiltrated two servers
Accessed personal data of patients, for only five minutes, & encrypted all files
PrimaryCare notified potentially affected patients

Education

Tennessee State University temporarily shuts down internet access after ransomware threat, Davidson County

Breach Type – Unknown, Malware

News Channel 5
March 1st, 2023

“Tennessee State University is exercising caution after receiving ransomware threats against its wifi network.”
“Wednesday afternoon, TSU officials released a statement stating that the university's IT systems remain temporarily inaccessible since they were made aware of a possible ransomware attack on Monday."
”Several computers on campus have been compromised, but TSU says the threats to the network are under control as they work to isolate the issues.”
” TSU shut down access to the internet on Monday night following the beginning of the breach.”

Knox College experiences 'system disruptions' from ransomware, Knox County

Breach Type – Unknown, Ransomware

Galesburg News
December 2nd, 2022

"Knox College has been responding to a “system disruption” caused by ransomware, the vice president of communications and information technology services at Knox confirmed in an email on Wednesday.”
“The extent of the disruption was not immediately clear, but an internal email shows that Knox students, faculty and staff were notified on Nov. 26 that systems and operations had been shut down to protect data and information, and that systems and operations on campus will likely “remain unavailable for some time.”
“The disruption appeared to be ongoing Thursday with several college phone lines down.”

Pellissippi State Community College impacted by ransomware attack, Knox County

Breach Type – Unknown, Ransomware

DataBreaches.net
December 7th, 2021

"Pellissippi State Community College has determined that the network systems outage appears to be the result of a ransomware attack.”
"At this time, the breadth of the incident is under investigation. The College has currently contained the matter and is working to get its computer systems operational as soon as possible.”
”Pellissippi State is executing its Cyber Incident Response Plan, which includes contracting with computer forensics experts and working with law enforcement. Updates will continue to be posted on this page.”
“At the present time, all network connections on all campuses are down.”

Tennessee Wesleyan University, McMinn County

Breach Type – Unknown, Ransomware

Daily Post Athenian
January 25th, 2021

University was latest victim of ransomware cyberattack
Network was shut down to help mitigate damage
Officials believed that only devices connected to network were affected

Columbia State Community College, Maury County

Phishing, Malware

Columbia Daily
February 26th, 2019

A virus forced the closure of the community college campus for two days
After an infected email was opened, the virus spread to the communications department
The virus has continually adapted and is becoming difficult to eradicate from the systems

Pellissippi State Community College, Knox County

Phishing, Data Breach

Knox News
February 4th, 2019

More than 200 students, former and current, had personal information exposed
Investigation showed that 1,800 emails were accessed and 222 of them contained personal information
This is believed to be an isolated incident and the data may not have been dispersed

Pellissippi State Community College, Knox County

Breach Type - Phishing, Data Breach

Daily Times
February 5th, 2019

Over 200 students could be in danger of identity theft after exposure
Students were contacted accordingly and informed of risk
Investigations showed 1,800 emails were exposed and over 200 contained sensitive information

East Tennessee State University, Washington County

Breach Type - Phishing, Data Breach

WJHL
November 19th, 2018

Two employees clicked on malicious links sent via phishing scheme
Cyber attack believed to be a targeted event
Private data at risk affecting 7,700 people

Jefferson County Schools, Jefferson Co.

Breach Type - Phishing, Other

Citizen Tribune
July 25th, 2018

Cyber attack targets Jefferson County Schools
Infected email system through phishing scheme
Hackers infiltrated system and sent mass, spam emails to school contacts

Southern College of Optometry, Shelby Co.

Breach Type - Phishing, Data Breach

Office of the Vermont Attorney General
July 20th, 2018

Employee email account affected in phishing scheme
Private information and Social Security numbers of students stored on email account
Southern College of Optometry providing one year of credit monitoring

TN Ready Online testing & Questar

Breach Type - Hack

Times Free Press
April 17th, 2018

Statewide testing experiences deliberate cyber attack
State postponed testing for students
State vendor Questar blocked source of unusual traffic patterns to prevent attack reoccurrence

Citizen Tribune
April 18th, 2018

Questar proved to be direct victim of attack
Since implemented, TNReady caused issues for the state
Teachers & staff relieved due to test postponing

Maury County Public Schools District

Breach Type - Ransomware

Columbia Daily Herald
January 5th, 2018

School districts computer locked down & files encrypted by hackers
No data believed to be accessed or stolen
District working to restore systems & recover backups
Cyber insurance may reimburse district for work cost

Vanderbilt University

Breach Type - Hack

Tennessean
January 17th, 2017

Hackers target printers, inexplicable anti-Semitic flyers being printed
University notified federal authorities
Similar printing hacks hit several universities across the county

Tennessee Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in
9-1-1 Cyber News?

Follow Us!

Tennessee Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in9-1-1 Cyber News?

Follow Us!

Want the latest in
9-1-1 Cyber News?