United States


Cyberattack at Indiana Water Plant

April 19, 2024

A wastewater treatment plant in Indiana suffered a cyberattack Friday, forcing maintenance personnel to investigate the nature of the incident.
“We were targeted and we have not been compromised,” said Jim Ankrum, general manager of Tipton Municipal Utilities (TMU) in a CNN report. TMU provides electricity, water and wastewater treatment for Tipton, a town of 5,000 people that is about 40 miles north of Indianapolis. “TMU experienced minimal disruption and remained operational at all times.”
A Russia-linked hacking group claimed responsibility, according to the report. The same group claimed credit for a string of hacking incidents against water facilities in Texas earlier this year.

read more

Operations Impacted at Top Pediatric Hospital in US

February 3, 2024

Lurie Children’s Hospital in Chicago took IT systems offline after a cyberattack. The security incident severely impacted normal operations also causing the delay of medical care. Lurie confirmed that the attack disrupted the hospital’s access to the internet, email, phone services, and the MyChat platform. “The incident has impacted phones, emails, internet service, some elective surgeries and procedures even had to be canceled.”

read more

Operations Disrupted in Cyberattack at Building Materials Manufacturer Simpson Strong-Tie Co.

October 9, 2023

Building and structural materials producer, Simpson Strong-Tie Co. Inc., is only now alerting customers in a letter dated March 19, about a cyberattack suffered back in October 2023. From October 9 to October 11 he attackers had access to data that included personal information about certain individuals. Additionally, at the time of the attack the company detected IT problems and application outages, which it soon realized was a cyberattack. In response to the situation, Simpson took all impacted systems offline.

“The incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations,” the company said in the report.

read more

Data Security Incident at Sierra Lobo (SLI), a US Aerospace Engineering Firm

February 23, 2024

Despite patching a vulnerability in a remote access tool, Fremont, Ohio-based Sierra Lobo, Inc. (SLI), suffered a data security incident the company feels launched before they applied the mitigation.

“Based upon the forensic investigation, this cybersecurity incident commenced through the exploitation of a vulnerability in our remote access tool, ScreenConnect. Despite the immediate application of a patch addressing the identified vulnerability, subsequent investigations suggest that the system remained compromised, indicating that the initial breach occurred prior to the patch application.”

read more

Southwest Binding & Laminating Hit by Ransomware Attack

February 1, 2024

Missouri-based Southwest Plastic Binding Company, known as Southwest Binding & Laminating, suffered a ransomware attack at the beginning of February that may have exposed personal information, company officials said.

On February 1, Southwest noticed unusual activity on its internal network from a Southwest domain account with administrator privileges. The company immediately began investigating the incident. “We responded by immediately taking all servers offline. Additionally, on this same day, remediation efforts began, including efforts to restore critical business files and services.”

read more

Radiant Logistics Isolates Canadian Operations after Cyberattack

March 14, 2024

Radiant Logistics, an international freight technology company said it has cut off a portion of its business in Canada after a cyberattack. The Company proactively took measures to isolate its Canadian operations from the rest of its network. The incident has caused service delays for customers in Canada.

Despite the shutdown, the filing says the incident is not “reasonably likely to materially impact the Company’s financial conditions.” No ransomware gang has taken credit for the incident.

read more

Cyberattack Affects Communications at KCATA Transit

January 23, 2024

A ransom cyber-attack hit the KCATA early Tuesday, January 23. The company website notes “The primary customer impact is that regional RideKC call centers cannot receive calls, nor can any KCATA landline. All service is operating, including fixed-route buses, Freedom and Freedom-On-Demand paratransit service. KCATA is working around the clock with our outside cyber professionals and will have systems back up and running as soon as possible.”

read more

Weeks of Operational Shutdown at Welch Foods Plant

February 2, 2024

A cyberattack shut down production at Welch Foods Inc. plant in North East on Feb. 2. The plant restarted jam and jelly production lines end of February.

About 50 or 60 employees, who are members of Teamster’s Local 397 in Erie, remained on the job throughout February and over 200 employees were laid off.

read more

International Paper takes Mill Operations Offline after Cyberattack

February 22, 2024

International Paper is in the process of starting up its Riegelwood Mill after shutting it down due to a cyberattack, a company spokesperson said Thursday morning.

“Late last week, we experienced a cyberattack event on our operating systems at our mill in Riegelwood, N.C.,” IP spokesperson Kimberly Clewis wrote in a statement. “Thankfully, everyone at the mill is safe and there have been no environmental issues.”

The statement said that “out of an abundance of caution, we coordinated an orderly shutdown of the mill to resolve the issue and are in the process of starting up the mill.”

Clewis said the attacker accessed International Paper’s system through a third-party vendor “and did not directly target our company or mill. This event impacted only a limited set of manufacturing systems at the Riegelwood Mill. No other mills, locations or systems were affected.”

read more

Continental Aerospace Discloses Cyberattack

February 20, 2024

Continental Aerospace is under a cyberattack according to its website. The engine manufacturer recently posted a website banner announcing that it is experiencing an ongoing cyberattack which is impacting operations at its Mobile Alabama headquarters.

The important notice posted on the 20 February reads: “Continental US operations were recently impacted by a cyber incident affecting daily operations based in Alabama. Continental is actively engaged with a team of experts who are working to resolve the issues as quickly as possible and expects to resume full operations soon.”

Continental have not elaborated when the cyberattack will end, nor how widely disruptive the event has been to its daily operation. Furthermore, the US engine OEM has not yet said if a data breach has occurred.


read more