Wisconsin Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Wisconsin.jpg
 

Public Safety

City of Racine & Racine Police Department, Racine County

Breach Type – Unknown, Ransomware

Journal Times

  • Bad actors used ransomware in cyberattack
  • City website, email, and payment all taken offline
  • Officials unsure whether data was stolen
Read More

 
City of Oshkosh, Oshkosh Police Department, & Oshkosh Fire Department, Winnebago County

Breach Type – Unknown, Malware

Wbay

  • Website, email and phone services impacted after cyberattack
  • Emergency services remained unaffected
  • City's access to tax information and online bill payment taken offline
Read More

 
Kewaskum Police Department, Washington County

Breach Type - Data Breach

WTMJ-TV

  • Hackers suspected to have stolen data of thousands from Kewaskum Police Department database
  • Half of town’s population may have been exposed
  • Victims warned private information compromised
  • Attack has caused department to increase security
Read More
BACK TO TOP

Local Government

Village of Whitefish Bay targeted by cyber security attack, Milwaukee County

Breach Type – Unknown, Ransomware

CBS 58 WDJT

  • "According to a news release, the Village of Whitefish Bay was targeted by a "malicious and sophisticated cyber security attack" on Saturday, July 31.”
  • “The Village of Whitefish Bay released details that the village's IT team was alerted to an unauthorized intrusion and immediately took village systems offline and activated cyber threat protocol, engaging third-party experts and law enforcement.”
  • “…Whitefish Bay maintains a cyber-incident response plan, which allowed the village to quickly identify and contain the threat, secure vulnerabilities and support the investigation with law enforcement.”
  • “Authorities say that the attackers may have accessed and encrypted some internal files.”
Read More

 
City of Kenosha Website, Kenosha County

Breach Type – Unknown, DDoS

Fox 6

  • City website taken offline following DDoS cyberattack
  • Twitter user had claimed responsibility for discovering vulnerabilities
  • IT officials reassured the public that private data remained intact
Read More

 
Manitowoc County

Breach Type - Phishing/Data Breach

Herald Times Reporter

  • Hackers infiltrate email account of Manitowoc County employee via phishing scheme
  • County alerted to hack four months after incident occurred
  • Phishing attack resulted in data breach of private information
Read More

 
State of Wisconsin Election System

Breach Type - Hack

NBC News

  • Senior intelligence officers believed original hacked states included Wisconsin
  • Websites affected & scanned but no hack believed to compromise voting system
  • Wisconsin Elections Commission has not successfully detected hack on its system
Read More

 
City of Fond Du Lac

Breach Type - Hack

WBAY

  • City claims Water Payment Portal has been hacked
  • Those paying water bills online should monitor their credit
  • Third party investigators claim that a known vulnerability was unaddressed in October
  • City offering to waive late fees and over the phone credit fees
Read More

 
Village of Nashotah

Breach Type - Ransomware

JSO Online

  • Village of Nashotah paid unidentified hacker $2k ransom
  • Hack in late November left some of resident's personal data compromised
  • Village President claims hack totally encrypted computer files
  • Files inaccessible to staff
  • Village board approved purchase of computer protection services and backup systems
Read More

 
Indianhead Federated Library Systems

Breach Type - Ransomware

Leader-Telegram

  • Eau Claire, Eau Claire Co., Chipewa Co. Libraries
  • Reported ransomware to 49 potentially affected libraries
  • Hacker demonstrated knowledge of patron personal information & demanded ransom
  • Officials don't yet know how hacker accessed system
Read More

 
Wisconsin Democratic Party

Breach Type - Hack

Data Breaches

  • Russian Hackers
  • Compromised the website of the 8th Congressional District Democratic Party"
  • Compromised sites of seven county Democratic party organizations
Read More

 
Janesville

Breach Type - Ransomware

Channel 3000

  • Multiple employees opened compromised emails
  • Employees notified IT department
  • Took down possibly infected computers
  • No sensitive information was accessed during the attack
Read More

 
BACK TO TOP

Medical

Ciox health data breach at Mercy Health potentially exposes PHI, 32 other providers affected , Rock County

Breach Type – Hacking, Data Breach

Beckers Hospital Review

  • "Mercy Health issued a warning about an email breach that has potentially exposed the personal health information of patients."
  • "Ciox Health, a company that provides health information management services to Mercy Health, experienced an email breach between June 24 and July 2"
  • "The unauthorized party accessed a Ciox employee's email account downloading emails and attachments that may have contained patients' clinical, treatment and demographic information."
  • "During an investigation, Ciox said it had found no indication that the patient information obtained has been misused."
Read More

 
Hackers Access 4,000 UW Health Patients' Epic MyChart Portals for Nearly 4 Months, Dane County

Breach Type – Hacking, Data Breach

Becker Hospital Review

  • “Madison, Wis.-based UW Health began notifying 4,318 patients of a data breach in their Epic MyChart patient portal."
  • "Between April 20 and May 4, an investigation identified unauthorized access to patients' MyChart accounts by an unknown third party, who may have viewed patient data."
  • “For some patients, the unauthorized party visited MyChart's patient portal homepage, which displays clinical information. Pages containing appointments and admissions, health insurance and personal information may have also been visited."
Read More


 
Froedtert Hospitals, Milwaukee County

Breach Type – Unknown, Data Breach

TMJ4

  • Patient information was stolen and security breached at Blackbaud contractor
  • Official statement did not state how or when potential leak was discoveredData included patient names, addresses, provider names, dates of patient visits, medical record numbers and dates of birth
  • Blackbaud informed the hospital that the vulnerability has been observed and security is being improved
Read More

 
Advocate Aurora Health, Milwaukee County

Breach Type - Phishing, Data Breach

BizTimes

  • Personal information likely leaked following cyberattack
  • Social Security numbers and bank information among leak
  • Likely affected nearly 70,000 employees
Read More

 
Virtual Care Provider Inc, Milwaukee County

Breach Type – Source, Entity Hit

Search Health IT

  • Wisconsin health center among over 100 facilities hit in cyberattack
  • Officials believed upwards of 20% of their servers were disabled
  • Bad actors demanded $14 million as ransom
Read More

 
Wisconsin Diagnostic Laboratories, Milwaukee County

Breach Type – Hacking, Data Breach

HIPAA Journal

  • The laboratories have notified 114,985 patients of a data breach causing their private information to be exposed
  • The hacker had gained access through the web portal for four months
  • No information relating to social security or lab test results was exposed
Read More

 
Fort Healthcare, Jefferson County

Breach Type - Phishing, Data

Daily Union

  • Fort HealthCare attacked via e-mail phishing incursion into computer systems
  • 19,000 patients' personal information possibly compromised
  • Local hospital and clinics among victims of the attack, in addition to 45 other health-care customers
Read More

 
RISE Wisconsin, Dane County

Breach Type - Ransomware

DataBreaches

  • RISE became victim of ransomware attack
  • Immediately took systems offline & notified law enforcement
  • Attack potentially compromised PHI
Read More

 
Scenic Bluffs Community Health Centers

Breach Type - Hack

DataBreaches

  • Hackers gained access to staff email account
  • Hackers attempted to exfiltrate data, but the mechanisms were immediately disabled
  • 2,889 patients potentially affected in data breach
Read More

 
Medical College of Wisconsin

Breach Type - Phishing

Journal Sentinel

  • 9,500 patients' info compromised by targeted attack on email system
  • Social security numbers of 34 patients accessible via the affected email accounts
  • Medical College of Wisconsin notified patients of incident
Read More

 
Aurora BayCare Medical Center

Breach Type - Ransomware

WSAW-TV 7

  • Malware hits internationally, affecting locations in Wisconsin
  • Malware identified as Petya
  • Aurora Baycare deployed backup systems to ensure patient care remains uninterrupted
Read More

 
Metropolitan Urology Group

Breach Type - Ransomware

Healthcare IT News

  • Ransomware attack may have exposed private data on two servers
  • 17,634 patients potentially affected in breach
  • Social Security numbers of 5 patients could have been accessed
  • Metropolitan Urology Group offering free credit monitoring
Read More

 
Medical College of Wisconsin

Breach Type - Hack

Data Breaches

  • 21 veterans' health information accessible to hackers
  • No evidence surfaced that veterans' data was maliciously exposed
  • This hacking event was the first part of an overarching breach on the Medical College of Wisconsin
Read More

 
BACK TO TOP

Education

Black River Falls schools closed Friday because of IT network disruptions, Jackson County

Breach Type – Hacking, Malware

NEWS 8000

  • "The Black River Falls School District canceled all classes Friday because of an incident involving unauthorized access to the district’s IT network."
  • "Thursday night saying that student record system is unavailable, and the district has no access to attendance, medication records, family contact information, or court orders."
  • "Police, security and forensics experts are investigating, and all network devices are unavailable because of the investigation."
Read More

 
Janesville school district hit by ransomware attack, Dane County

Breach Type – Unknown, Ransomware

NBC 15 WMTV

  • "A ransomware attack on the School District of Janesville has locked its servers and left students, staff, and families unable to login to some of the district’s online programs"
  • “The Village of Whitefish Bay released details that the village's IT team was alerted to an unauthorized intrusion and immediately took village systems offline and activated cyber threat protocol, engaging third-party experts and law enforcement.”
  • ”they have not received any demands for releasing the system."
Read More

 
Shorewood School District, Milwaukee County

Breach Type – Unknown, Data Breach

TMJ4

  • The school district had mistakenly released information regarding student's name and ID number, school, and demographics like gender and ethnicity
  • The leak was accidentally prompted from an open records request
  • Due to the recent breach new procedures have been authorized to prevent this from happening again in the future
Read More

 
Union Grove High School, Racine County

Breach Type – Unknown, Ransomware

The Journal Times

  • IT personnel acted quickly, helped mitigate damage from cyberattack
  • Officials took nearly a week to cleanse affected systems
  • School increased its security protections and educated staff
Read More

 
Northcentral Technical College, Marathon County

Breach Type - Hack

WSAU

  • Cyber attack hits Northcentral Technical College
  • Cancelled classes to implement a cyber security response plan
  • No personal data compromised as result of attack
  • Working diligently to bring systems back online
Read More

 
Barron Area School District

Breach Type - Phishing

Bloomer Advance

  • Barron Area School District falls victim to spear-phishing scheme
  • W-2 forms of 430 people compromised
  • Employees reported five accounts of fraudulent tax returns filed
  • IRS has PIN system in place for those who felt their data had been compromised
Read More

 
Black River Falls School District

Breach Type - Phishing

Lacrosse Tribune

  • District employee fell victim to spear-phishing scheme
  • Sent all 2016 employee W-2 forms to hackers
  • Hackers posed as superintendent to trick District employees
Read More

 
BACK TO TOP