Government

May 26, 2021: Canada Post Customers Affected by Ransomware Attack at Supplier

Canada Post disclosed that a third-party supplier named Commport Communications suffered a ransomware attack where threat actors accessed data stored in their systems. This accessed data includes shipping manifest data for large parcel business customers, including sender and receiver contact information, names, and mailing addresses.

In total, the breach affected 44 Canada Post commercial customers and 950,000 receiving customers.

September 8, 2022: Cyberattack Paralyzes Operations at Suffolk County Offices in NY

Since September 8, Suffolk County has been trying to recover from a cyberattack by a ransomware group known as “ALPHV” or “BlackCat.” The attack disabled the county’s 911 system as well as other services. The county reverted to older methods for handling essential county operations, dispatching, and paying bills. Real estate industry was most impacted by the cyberattack. Access was cut off to key records required in property sales transactions.

October 5, 2022: Cybersecurity Attack at City of Dunedin, Pinellas County, Florida

Florida officials at City of Dunedin, in Pinellas county, discovered a cybersecurity attack on Wednesday October 5. The city is investigating. Dunedin says its Water and Wastewater Treatment Facilities, city phones and social media networks are all secure. As reported by MSN,
these operations are not available: city email, online payments for permits, utility billing, Parks & Recreation programs, inspection scheduling, and Marina fees.

May 17, 2022: City of Tucson Discloses Data Breach Exposing 123K Individuals

The City of Tucson, Arizona, disclosed a data breach affecting the personal information of more than 123,000 individuals. The threat actors had access to the network between May 17 and May 31. They potentially accessed or stolen documents containing the information of 123,513 individuals.

"On May 29, 2022, the City learned of suspicious activity involving a user's network account credential," the data breach notification reads. "On August 4, 2022, the City learned that certain files may have been copied and taken from the City's network." The City began notifying potentially impacted individuals on September 23. The he attacker potentially accessed files included certain individuals' name, Social Security number, driver's license or state identification number, and passport number.

September 5, 2022: Second Largest US Public School District in CA Hit by Ransomware Attack

A cyberattack prompted an unprecedented shutdown of The Los Angeles Unified School District, the second largest in the nation. The attack sounded alarms across the country, from urgent talks with the White House and the National Security Council after the first signs of so-called ransomware were discovered late Saturday night to mandated password changes for 540,000 students and 70,000 district employees. On September 30, the Los Angeles Unified School District said that cybercriminals who targeted it with a ransomware attack plan to release some of the hacked data online. LAUSD has not disclosed the ransom demanded by the criminal organization.

UPDATE: 500GB of data that was stolen during a cyberattack against the Los Angeles Unified School District (LAUSD) has been made public by hackers, media reports said on October 4.

April 11, 2022: Costa Rica Declares National Emergency in Response to Ransomware Attack

For the last two months (April/May 2022) Costa Rica has been under siege. Two major ransomware attacks have crippled many of the country’s essential services, plunging the government into chaos as it scrambles to respond. Officials say that international trade ground to a halt as the ransomware took hold and more than 30,000 medical appointments have been rescheduled, while tax payments have also been disrupted.

Millions have been lost due to the attacks, and staff at affected organizations have turned to pen and paper to get things done.

Conti claimed responsibility for the first attack against Costa Rica’s government and is believed to have some links to the ransomware-as-a-service operation HIVE, which was responsible for the second attack impacting the health care system.

August 1, 2022: City of Shanghai Health App Hack Affects over 48.5 Million Mandatory Users.

A hacker has claimed to have obtained the personal information of 48.5 million users of a COVID health code mobile app run by the city of Shanghai, the second claim of a breach of the Chinese financial hub's data in just over a month.The hacker with the username as "XJP" posted an offer to sell the data for $4,000 on the hacker forum Breach Forums on Wednesday. The hacker provided a sample of the data including the phone numbers, names and Chinese identification numbers and health code status of 47 people.

The app collects travel data to give people a red, yellow or green rating indicating the likelihood of having the virus and users have to show the code to enter public venues. All residents and visitors have to use it.

July 27, 2020: City of Lafayette, CO Opts to Pay Ransom of $45,000

Lafayette, Colorado fell victim to ransomware on July 27, which encrypted the city's computer networks and caused disruptions to phone services, email and online-payment and reservation systems. It's thought that the unidentified ransomware entered the city's network via a phishing or brute force attack. Lafayette opted to pay the cyber criminals perceiving it to be the quickest and most cost effective way to restore municipal services to residents.

Other cities across the US have paid hundreds of thousands of dollars to criminals in exchange for returning the network.

April 10, 2020: Magecart attacks Plague the Already Troubled Payment Platform Click2Gov

A new wave of data breaches in eight U.S. city governments is the work of online scammers using malicious code against the troubled online payments platform Click2Gov, according to research published Friday by the cybersecurity firm TrendMicro. The attacks involved Magecart-style attacks, in which lines of JavaScript code are injected into e-commerce platforms to rip off financial and personally identifiable information, like credit card numbers, names, addresses and other credentials. Click2Gov has for several years posed data-security problems for as many as 6,000 local governments across the United States who use Click2Gov. But according to TrendMicro, there’s no evidence directly linking the recent Magecart-style attacks to incidents in 2018 and 2019. Still, five of the eight cities analyzed had been victims of previous Click2Gov breaches.

Magecart attacks have plagued corporate websites, including big-name targets like British Airways, Ticketmaster and more than 2 million other websites, according to research published last October.

November 23, 2019: Colorado County Pays $300,000 Ransom after Virus Hits Computer Systems

A computer virus downloaded to Archuleta County computers on Nov. 23 encrypted all county servers and files and demanded a $300,000 Bitcoin ransom.

Pin It on Pinterest

Scroll to Top