Florida Tax Office Blames Data Breach on Virus

Security

A Florida Tax Collector’s Office has blamed malware found on an employee’s computer for a data breach that affected around 450,000 residents of Polk County. 

The breach occurred in June at the Tax Collector’s Office for Polk County (TCPC). Information exposed in the attack included Social Security numbers and driver’s license numbers. 

In a statement issued on July 15, Tax Collector for Polk County Joe Tedder said that his office was “subject to a new strain of a targeted computer virus attack not seen before.”

The attack occurred at around 2:15 pm on June 23 after an office employee clicked on what turned out to be a malicious email attachment disguised as an invoice. 

Tedder’s office said that the incident was “quickly recognized” by the IT team, who “took immediate action to mitigate the threat.” In an attempt to prevent the virus from spreading, the office’s entire computer system was shut down, including telephones, online processing, and service center operations.

Following the attack, all of the office’s PCs were wiped clean and restored and third-party computer forensic specialists were brought in to determine the scope of the incident. 

A subsequent forensic investigation completed on July 11 concluded that driver’s license numbers had potentially been accessible to an anonymous third party. 

The investigation found no evidence that personal information was subject to actual or attempted misuse.

“We believe exposure was very limited,” Tedder told WFLA.

Tedder’s office stated: “Although the investigation found no evidence that any information was misused, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements for unusual activity or errors.”

Once the compromised computer system was back up and running, it was determined that no access had been lost as a result of the attack.

“The Tax Collector’s Office is currently able to report that we did not lose access to our systems, backups, or other operational data,” said the TCPC. 

“However, in an abundance of caution to address this new strain of computer virus, TCPC has implemented additional safeguards to further secure system information.”

Products You May Like

Articles You May Like

Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
Malware Author Admits Role in $568m Cyber-Fraud
Small and medium‑sized businesses: Big targets for ransomware attacks
FBI warns of surge in online shopping scams
Is Your Security Vendor Forcing You To Move to the Cloud? You Don’t Have To!

Leave a Reply

Your email address will not be published. Required fields are marked *