BreachExchange mailing list archives
Florida Tax Office Blames Data Breach on Virus
From: Destry Winant <destry () riskbasedsecurity com>
Date: Mon, 27 Jul 2020 09:16:42 -0500
https://www.infosecurity-magazine.com/news/florida-tax-office-blames-data/ A Florida Tax Collector's Office has blamed malware found on an employee's computer for a data breach that affected around 450,000 residents of Polk County. The breach occurred in June at the Tax Collector’s Office for Polk County (TCPC). Information exposed in the attack included Social Security numbers and driver's license numbers. In a statement issued on July 15, Tax Collector for Polk County Joe Tedder said that his office was "subject to a new strain of a targeted computer virus attack not seen before." The attack occurred at around 2:15 pm on June 23 after an office employee clicked on what turned out to be a malicious email attachment disguised as an invoice. Tedder's office said that the incident was "quickly recognized" by the IT team, who "took immediate action to mitigate the threat." In an attempt to prevent the virus from spreading, the office's entire computer system was shut down, including telephones, online processing, and service center operations. Following the attack, all of the office's PCs were wiped clean and restored and third-party computer forensic specialists were brought in to determine the scope of the incident. A subsequent forensic investigation completed on July 11 concluded that driver's license numbers had potentially been accessible to an anonymous third party. The investigation found no evidence that personal information was subject to actual or attempted misuse. “We believe exposure was very limited,” Tedder told WFLA. Tedder's office stated: "Although the investigation found no evidence that any information was misused, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements for unusual activity or errors." Once the compromised computer system was back up and running, it was determined that no access had been lost as a result of the attack. "The Tax Collector’s Office is currently able to report that we did not lose access to our systems, backups, or other operational data," said the TCPC. "However, in an abundance of caution to address this new strain of computer virus, TCPC has implemented additional safeguards to further secure system information." _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Florida Tax Office Blames Data Breach on Virus Destry Winant (Jul 27)