[BreachExchange] Florida Tax Office Blames Data Breach on Virus

Destry Winant destry at riskbasedsecurity.com
Mon Jul 27 10:16:42 EDT 2020 

https://www.infosecurity-magazine.com/news/florida-tax-office-blames-data/

A Florida Tax Collector's Office has blamed malware found on an
employee's computer for a data breach that affected around 450,000
residents of Polk County.

The breach occurred in June at the Tax Collector’s Office for Polk
County (TCPC). Information exposed in the attack included Social
Security numbers and driver's license numbers.

In a statement issued on July 15, Tax Collector for Polk County Joe
Tedder said that his office was "subject to a new strain of a targeted
computer virus attack not seen before."

The attack occurred at around 2:15 pm on June 23 after an office
employee clicked on what turned out to be a malicious email attachment
disguised as an invoice.

Tedder's office said that the incident was "quickly recognized" by the
IT team, who "took immediate action to mitigate the threat." In an
attempt to prevent the virus from spreading, the office's entire
computer system was shut down, including telephones, online
processing, and service center operations.

Following the attack, all of the office's PCs were wiped clean and
restored and third-party computer forensic specialists were brought in
to determine the scope of the incident.

A subsequent forensic investigation completed on July 11 concluded
that driver's license numbers had potentially been accessible to an
anonymous third party.

The investigation found no evidence that personal information was
subject to actual or attempted misuse.

“We believe exposure was very limited,” Tedder told WFLA.

Tedder's office stated: "Although the investigation found no evidence
that any information was misused, individuals are encouraged to remain
vigilant against incidents of identity theft by reviewing account
statements for unusual activity or errors."

Once the compromised computer system was back up and running, it was
determined that no access had been lost as a result of the attack.

"The Tax Collector’s Office is currently able to report that we did
not lose access to our systems, backups, or other operational data,"
said the TCPC.

"However, in an abundance of caution to address this new strain of
computer virus, TCPC has implemented additional safeguards to further
secure system information."

More information about the BreachExchange mailing list