Tennessee Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Tennessee.jpg
 

Public Safety

City of Knoxville, Knoxville Police & Fire Department Computer Systems, Knox County

Breach Type – Unknown, Ransomware

WBIR

  • The city's network was hit by ransomware causing a shutdown and investigations to start up
  • Officers were resorting to pen and paper methods to fill out reports but the computer network was inaccessible
  • Emails were also affected making communication between personal to be difficult
Read More

 
Lawrence County Sheriff’s Office, Lawrence County

Breach Type – Unknown, Ransomware

FOX 17

  • Ransomware used by bad actors in cyberattack
  • County Sheriff's Office E-911 system was hit
  • CAD and license plate checks among affected systems
Read More

 
Coffee County Sheriff’s Department & Jail, Coffee County

Breach Type - Unknown, Ransomware

On Target News

  • County jail was victim of ransomware cyberattack
  • State law enforcement agencies assisted with investigation
  • Arrest, booking, and sentencing records were locked
Read More
Manchester Times

  • County sheriff confirmed ransomware was used
  • Employees discovered bad actors moving files
  • Officials were worried arrest records would be altered
Read More

 
Spring Hill City & 911

Breach Type - Ransomware

WKRN

  • Starts as a city hack
  • Employee opens infected email
  • Hackers demand $250,000
  • Dispatchers most affected, writing info on notepads
Read More
WKRN

  • Citizens unable to make online payment for 10 days
  • Hack shut down all mobile data terminals in police cars
Read More
SC Magazine

  • Public safety and city emails will be restored first
  • No information has been removed by hackers
Read More

 
Henry County 911 Systems

Breach Type - Ransomware

Paris Post Intelligencer

  • Department of Homeland Security named Henry County as one of many cyber attacks
  • Virus infected the Computer Aided Dispatch System
  • Dispatchers could take calls, not locations
  • Passwords of computer programs not strong enough
Read More

 
Murfreesboro Police & Fire Dept. Hit

Breach Type - Ransomware

The Tennessean

  • WannaCry ransomware
  • 19 computers and 2 file servers were down
  • Most affected data is not retrievable, however no significant files lost
Read More

 
Dickson Sheriff’s Office Pays Ransom

Breach Type - Ransomware

The Tennessean


Read More

 
BACK TO TOP

Local Government

Officials investigate after Tipton County cyber attack

Breach Type – Hacking, Other

WREG News

  • ”Tipton County officials are checking administrative bank accounts after a cyber attack compromised at least three county credit cards.”
  • "According to an incident report, Maxwell’s government-issued email was hacked and pertinent information such as receipts and bank documents were compromised. It says the hackers tried to establish a line of credit using personal information found in her email account.”
  • ”A sheriff’s office credit card along with two other county cards had to be closed due to attempted fraudulent charges, according to the report. Thankfully, as of now, it does not appear the hackers were able to get away with any money.”
Read More

 
Statement on Jobs4TN.gov Service Outage, State of Tennessee

Breach Type – Unknown, Malware

Department of Labor and Workforce Development

  • “Geographic Solutions (GSI), the vendor that operates Jobs4TN.gov, notified the Tennessee Department of Labor and Workforce Development (TDLWD) Sunday afternoon about a service interruption that impacted its network operations.”
  • “Until Jobs4TN.gov resumes normal operation, TDLWD cannot access claimant data to make weekly unemployment benefit payments.”
  • "Approximately 12,000 Tennesseans rely on the unemployment program each week, as well as citizens using the workforce development aspects of Jobs4TN.gov. TDLWD leadership understands the importance of the programs accessed through the system and their impact on Tennessee’s workforce…”
  • “The Department will distribute benefits as soon as possible, right now there is no timeline as to when that will happen. Once the system is operational, claimants can complete their certifications for any missed weeks, and they will receive a lump sum for any delayed payments.”
Read More

 
Montgomery County Government, Montgomery County

Breach Type – Unknown, Data Breach

Clarksville Now

  • County government was rendered offline in recent attack
  • Public unable to use website until further notice following cyber attack
  • Emails and other systems of contact are greatly affected
Read More
Clarksville Now

  • County governments’ systems were rendered offline over the weekend
  • Accessing network currently unavailable following discovery of cyber attack
  • Law Enforcement has been notified of attack and investigations have been launched
Read More
Leaf Chronicle

  • Following the weekend outage, systems are back up and running
  • Cyber attack prevented access to county government's network
  • Preventative measures are now being taken to increase government’s systems security
Read More

 
Johnson City & Johnson City Police; Washington, Carter, & Sullivan Counties

Breach Type – Unknown, Ransomware

Johnson City Press

  • City officials discovered note from hackers that data had been locked
  • City hit with ransomware cyberattack, left city recovering
  • IT officials stated that backup plans were in place, unlikely hackers gained any data
Read More
Johnson City Press

  • Officers were forced to issue pen and paper summonses
  • Locked files remained on affected computers, despite re-imaging
  • Officials advised that they had been prepared
Read More

 
Murfreesboro Water Department Bill Payment Portal, Rutherford County

Breach Type – Hacking, Other: Website Defacement

News Channel 5

  • Murfreesboro Water Department victim of hacking incident
  • Officials claimed attack was isolated to online bill payment service
  • Online bill pay service taken offline while officials worked on resolution
Read More

 
City of Collierville, Shelby County

Breach Type - Unknown, Ransomware

Fox 13 Memphis

  • It was announced that the city is under attack by ransomware
  • The city had not released much information on how the attack has played out but currently several files are being blocked from access
  • As the attack was being accessed not much information has been acquired, operations are maintained as normal
Read More

 
Sevier County

Breach Type - Ransomware

The Mountain Press

  • Sevier County admits computers down due to ransomware attack
  • Hack infected computers for several days
  • Sevier worked to restore systems
Read More

 
Knox County Election Commission's Website

Breach Type - Hack

WBIR

  • During Knox County elections, hackers launch DDoS attacks on Election Commission's website
  • Election results delayed; however, not compromised/altered
  • Knox Co. Election officials manually printing and relaying election results to local news sources
Read More

 
Hendersonville, Sumner County

Breach Type - Phishing

Post and Courier

  • Hendersonville employee falls victim to phishing scheme
  • Employee entered credentials into malicious website
  • Hackers infiltrated email account and sent phishing emails to employee's contacts
Read More

 
TN Comptroller’s Office

Breach Type - Hack

WSMV

  • Moroccan Islamic Union-Mail claims responsibility for posting threats to website
  • Hackers posted notice on the Comptroller’s website
  • Website taken offline until IT support could thoroughly examine incident
Read More

 
Springfield, Robertson County

Breach Type - Ransomware

The Tennessean

  • Ransomware virus hijacks city hall computer
  • No customer data lost during attack
  • Did not pay $1,000 ransom
  • Wiped servers and reinstated data from backup servers
Read More

 
Anderson County

Breach Type - Hack

Wate.com

  • Security breach
  • More than 1,800 people could be affected
  • Breach could compromised personal information
Read More

 
BACK TO TOP

Medical

HCMC Addresses Third Party Data Breach, Henry County

Breach Type – Hacking, Data Breach

Henry County Medical Center News

  • "MCG Health, a contracted third-party that Henry County Medical Center utilizes, recently reported they have experienced a data security breach."
  • "However, because patient information is shared with MCG Health in the process of caring for our patients, some HCMC patients could be impacted by this breach."
  • "MCG Health determined that an unauthorized party previously obtained personal information that matched data stored on MCG’s computer systems. The personal information may include some or all of the following: names, Social Security number, medical codes, postal addresses, telephone number, email addresses, dates of birth, and gender."
  • "Those affected by this breach have or will be receiving a letter from MCG with further details. In this letter, those affected will be offered identity protection and credit monitoring services for two years at no cost."
Read More

 
Ballad Health: Some patient information may have been accessed in data breach, Washington County

Breach Type – Hacking, Data Breach

WHJL News Channel 11

  • “Ballad Health provided notice of a “data privacy incident” on Friday."
  • “The healthcare system said that in January an investigation began after unusual activity was noticed on an employee’s e-mail account. On Feb. 17, it was determined that the employee’s e-mail account was accessed without authorization for a “limited” amount of time"
  • “Ballad says it was not possible to determine which messages or attachments may have been accessed or viewed without permission, but out of an abundance of caution, a manual review of the account’s contents was performed in order to see whether sensitive information was contained in them."
  • "The statement says that the types of personal information that could have been accessed include: Name, Address, DOB, Medical History, Medical Condition, Treatment information, Medical record number, Diagnosis code, Patient account number."
  • "Since the event, Ballad says it has taken steps to secure the employee’s e-mail account. The statement also says the company is continuing to educate its workforce on the importance of security regarding Ballad’s email system and have altered state and federal regulators to the incident."
Read More

 
Personal info system breached during 'cyber incident' at Children’s Hospital, Knox County

Breach Type –Unknown, Malware

ABC 6 WATE

  • "East Tennessee Children’s Hospital is working to determine the scope of a cyber incident that may have led to personal information within ETCH’s system being compromised."
  • “On March 13, unusual activity was found by ETCH on its network. By the end of that week, ETCH determined some of the documents stored within the system may have been copied or viewed during the cyber incident between March 11-14. "
  • “The investigation determined that the unauthorized individuals removed certain files and folders from portions of the network"
  • "The system contained the following types of information at the time: names, dates of birth, Social Security numbers, driver’s license or state identification numbers, non-resident identification numbers, other demographic information, medical information, health insurance information, credit or debit card information, financial information, billing information, other personal health information, and usernames and passwords."
  • “As their investigation continues, ETCH plans to contact potentially affected individuals and provide information on steps to protect their personal information.”
Read More

 
Centerstone of Tennessee, Davidson County

Breach Type – Phishing, Data Breach

WSMV

  • Investigations into security incident started after employee noticed unusual activity involving their email account
  • Forensic firm found current and former Centerstone patients and employees’ personal information was exposed in cyber attack
  • Information that may have been exposed includes name, date of birth, Social Security, driver’s license, medical diagnosis, health care information and more
Read More

 
Tennessee Orthopaedic Alliance, Davidson County

Breach Type - Phishing, Data Breach

Data Breaches

  • Employee email account accessed by unauthorized party
  • Over 81,000 patients were notified of the breach
  • Names, birthdates, Social Security information among leak
Read More

 
SouthEast Eye Specialists Group, Williamson County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review

  • Employee email account accessed by bad actor via phishing
  • IT officials investigated the cyberattack
  • Officials unable to confirm if private information was accessed
Read More

 
Alive Hospice, Davidson County

Breach Type – Phishing, Data Breach

Health IT Security

  • After unusual activity was found connected to 4 employee email accounts, Alive Hospice changed the accounts’ passwords and contacted forensic investigators
  • Email accounts impacted had a total of 10,893 patient records and other personal information which varied by account
  • Evidence of exfiltration was not found, but could not be ruled out
Read More

 
Aspire Health, Davidson County

Breach Type - Phishing, Data Breach

Tennessean

  • Aspire health employee fell victim to phishing attack
  • Hackers exfiltrated some patient data, forwarding private emails to an external account
  • The health company immediately locked the compromised account
Read More

 
Alive Hospice, Davidson Co.

Breach Type - Phishing, Data Breach

Data Breaches

  • Alive Hospice employees fall victim to phishing attacks
  • Protected Health Information potentially accessed by hackers
  • Alive offered identity protection services to its patients
Read More

 
Smith Dental

Breach Type - Ransomware

Data Breaches

  • Smith Dental falls victim to ransomware
  • Addressed attack on their webpage, believing no patient data was compromised
  • Out of precaution, advises patients to monitor personal info.
Read More

 
Decatur General Hospital

Breach Type - Cryptomining/Hack

Data Breaches

  • Hackers install cryptomining malware on Decatur's server
  • The EMR vendor housing the server, promptly notified Decatur
  • Hackers did not target patient data in any way
  • Out of precaution Decatur notified patients of incident
Read More

 
Medhost Website

Breach Type - Ransomware

HIS Talk

  • Hackers target Medhost website, posted public ransom note online
  • Threatened to sell private patient data on dark web, if they did not receive ransom
  • Threatened to participate in media release on the general vulnerabilities of HIPAA
  • Medhost restored website and did not acknowledge the hack
  • Hackers continually targeted Medhost, forcing them to restore systems on multiple occasions
Read More

 
PrimaryCare Specialists, Inc.

Breach Type - Ransomware

Local Memphis

  • Hackers infiltrated two servers
  • Accessed personal data of patients, for only five minutes, & encrypted all files
  • PrimaryCare notified potentially affected patients
Read More

 
BACK TO TOP

Education

Pellissippi State Community College impacted by ransomware attack, Knox County

Breach Type – Unknown, Ransomware

DataBreaches.net

  • "Pellissippi State Community College has determined that the network systems outage appears to be the result of a ransomware attack.”
  • "At this time, the breadth of the incident is under investigation. The College has currently contained the matter and is working to get its computer systems operational as soon as possible.”
  • ”Pellissippi State is executing its Cyber Incident Response Plan, which includes contracting with computer forensics experts and working with law enforcement. Updates will continue to be posted on this page.”
  • “At the present time, all network connections on all campuses are down.”
Read More

 
Tennessee Wesleyan University, McMinn County

Breach Type – Unknown, Ransomware

Daily Post Athenian

  • University was latest victim of ransomware cyberattack
  • Network was shut down to help mitigate damage
  • Officials believed that only devices connected to network were affected
Read More

 
Columbia State Community College, Maury County

Phishing, Malware

Columbia Daily

  • A virus forced the closure of the community college campus for two days
  • After an infected email was opened, the virus spread to the communications department
  • The virus has continually adapted and is becoming difficult to eradicate from the systems
Read More

 
Pellissippi State Community College, Knox County

Phishing, Data Breach

Knox News

  • More than 200 students, former and current, had personal information exposed
  • Investigation showed that 1,800 emails were accessed and 222 of them contained personal information
  • This is believed to be an isolated incident and the data may not have been dispersed
Read More

 
Pellissippi State Community College, Knox County

Breach Type - Phishing, Data Breach

Daily Times

  • Over 200 students could be in danger of identity theft after exposure
  • Students were contacted accordingly and informed of risk
  • Investigations showed 1,800 emails were exposed and over 200 contained sensitive information
Read More

 
East Tennessee State University, Washington County

Breach Type - Phishing, Data Breach

WJHL

  • Two employees clicked on malicious links sent via phishing scheme
  • Cyber attack believed to be a targeted event
  • Private data at risk affecting 7,700 people
Read More

 
Jefferson County Schools, Jefferson Co.

Breach Type - Phishing, Other

Citizen Tribune

  • Cyber attack targets Jefferson County Schools
  • Infected email system through phishing scheme
  • Hackers infiltrated system and sent mass, spam emails to school contacts
Read More

 
Southern College of Optometry, Shelby Co.

Breach Type - Phishing, Data Breach

Office of the Vermont Attorney General

  • Employee email account affected in phishing scheme
  • Private information and Social Security numbers of students stored on email account
  • Southern College of Optometry providing one year of credit monitoring
Read More

 
TN Ready Online testing & Questar

Breach Type - Hack

Times Free Press

  • Statewide testing experiences deliberate cyber attack
  • State postponed testing for students
  • State vendor Questar blocked source of unusual traffic patterns to prevent attack reoccurrence
Read More
Citizen Tribune

  • Questar proved to be direct victim of attack
  • Since implemented, TNReady caused issues for the state
  • Teachers & staff relieved due to test postponing
Read More

 
Maury County Public Schools District

Breach Type - Ransomware

Columbia Daily Herald

  • School districts computer locked down & files encrypted by hackers
  • No data believed to be accessed or stolen
  • District working to restore systems & recover backups
  • Cyber insurance may reimburse district for work cost
Read More

 
Vanderbilt University

Breach Type - Hack

Tennessean

  • Hackers target printers, inexplicable anti-Semitic flyers being printed
  • University notified federal authorities
  • Similar printing hacks hit several universities across the county
Read More

 

BACK TO TOP