Washington D.C. Cyber Attacks

Infrastructure Affected

Public Safety

DC Police Department, District of Columbia

Breach Type – Unknown, Ransomware


  • Babuk ransomware threat actors claim to have infected DC Police systems
  • Screenshots of alleged arrest records were posted on the Babuk site
  • No word on whether a ransom payment has been or will be made

Maritime Transportation Security Act (MTSA) Regulated Facility

Breach Type – Phishing, Ransomware


  • United States Coast Guard facility was the victim of a ransomware hit
  • Unknowing employee clicked on fraudulent link sent by bad actor
  • Encrypted files and cargo transfer controls affected in cyberattack

Hackers Hit D.C. Police

Breach Type - Ransomware

Washington Post

  • Allegedly took place 8 days before Presidential Inauguration
  • Infected 70% of storage devices that record data from D.C. police surveillance cameras
  • Forced major citywide reinstallation efforts
  • Left police cameras unable to record for 3 days
  • City did not pay ransom
Bleeping Computer

  • Suspected hackers Mihai Alexandru Isvanca and Eveline Cismaru
  • Hacked surveillance cameras to access computer network
  • Hacked MPDC cameras and computers on January 9
  • Went undiscovered until Jan 12th
  • City did not pay ransom


Local Government

U.S. Department of Commerce, District of Columbia

Breach Type – Hacking, Data Breach


  • Russian bad actors believed to have monitored US Treasury email
  • Commerce Department confirmed an attack occurred
  • SolarWinds updates were a possible key to the hackers' attempts

U.S. Department of Veterans Affairs Office of Management, District of Columbia

Breach Type – Hacking, Other

Navy Times

  • Roughly 46,000 veterans had private information leaked following cyberattack
  • VA Office of Finance disabled payment system amid security concerns
  • Bad actors diverted payments away from beneficiaries

U.S. Health and Human Services Department, District of Columbia

Breach Type – Hacking, Other


  • Foreign bad actor believed to be behind coordinated cyberattack
  • Health and Human Services servers were hit with DDoS
  • Cyberattack failed to achieve its goal, HHS remained unaffected

U.S. Federal Depository Library Program Website, Washington DC

Breach Type – Hacking, Other: Website Defacement

CBS News

  • Federal website defaced with pro-Iranian message
  • Officials were unable to determine affiliation of bad actors
  • Senior government official dismissed attack as unimportant

D.C. Government

Breach Type - Phishing, Other

Washington Post

  • Treasury Department investigating phishing schemes in July
  • Hackers infiltrated communication with a construction vendor & impersonated vendor
  • A D.C. government department processed payments to fraudulent vendor through electronic wire transfer
  • $700,000 lost as a result of fraudulent transfer, currently no money has been recovered

Defense Department

Breach Type - Hacking, Data Breach


  • Defense Department experiences cyber breach of travel records
  • Hackers compromised personal information and credit card data of U.S. Military and civilian personnel
  • Breach potentially affected at least 30,000 workers
  • No classified information compromised

Capitol Hill

Breach Type - Ransomware

The Intercept

  • Hackers attempted to infiltrate congressional computers
  • Hackers used a series of email hacks through Yahoo and Gmail
  • House had parts of Wi-Fi and Ethernet on lockdown



CareFirst BlueCross BlueShield Community Health Plan, DC

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • 200,665 people affected by data breach likely carried out by foreign cyber criminals
  • Compromised information may include, but is not limited to, SSNs, medical information, and names
  • CareFirst has collaborated with the FBI and CrowdStrike to investigate and resolve the situation

World Health Organization (WHO), DC

Breach Type – Hacking, Data Breach


  • Bad actors released 25,000 emails and passwords following cyberattack
  • National Institutes of Health, World Health Organization, Gates Foundation among victims
  • World Health Organization accounted for nearly 3,000 of the leaked emails and passwords

National Capital Poison Center

Breach Type - Ransomware

Office of Attorney General

  • Ransomware infection hits DC's Poison Center exclusively
  • NCPC notifies potentially affected patients as precaution
  • No personal information is believed to have been accessed/exposed

MedStar Health

Breach Type - Ransomware

CSO Online

  • Disabled network after ransomware virus infected multiple systems
  • Took down systems to isolate virus
  • No evidence that information has been compromised
  • Organization moved to backup systems and paper transactions
  • FBI leading investigation
The Washington Post

  • Hackers demanded $19k with a 10-day deadline
  • Some patients turned away
  • Others were treated without important computer records, which resulted in improper treatment
  • MedStar had trouble determining diagnoses without speedy lab results



No attacks logged to date.