Government data breaches pose one of the largest threats for US government entities in 2023 and beyond. As geopolitical tensions rise between Russia and the West, targeted cyber attacks against the federal, state, and local governments are increasingly likely. In fact, the FBI recently warned that ransomware is straining local government services, as local governments are favorite targets of hackers, second only to academic institutions.
Given this, how do you prevent a cyber attack on your municipality? And what happens if a data breach occurs? Why is local government cyber security so important?
Explore this guide for insights into the true costs of a government data breach with real life examples on combating cyber warfare, precautions to take in your locality, and how to immediately respond if a breach occurs in your community.
What is a Government Data Breach?
A government data breach is when private data belonging to a public sector entity is accessed by external forces without authorized permission. Oftentimes, hackers will intentionally trick government workers into unknowingly granting them access to top secret government data. In other instances, unintentional mistakes can lead to private data being made public.
Government data breaches often leave local governments powerless and vulnerable without access to critical data and unable to perform key municipal services for a long period of time after the fact.
When a data breach occurs due to a hack, the sensitive data is frequently withheld from the government entity unless a hefty ransom is paid. Stolen data can include private information about your government affairs, constituents, or private sector partners; meaning it is of the utmost importance to prevent government data breaches from occurring and keep this valuable information safe and secure.
Real Life Government Data Breach Examples
Governments of any size are at risk of being hacked. National governments around the world have been hacked regardless of their size or status, including the United States. State and local governments have both experienced major ransomware attacks in which breached data quickly turned into lost data and inoperable citizen services, which is why government cybersecurity best practices needs to be implemented in your municipality.
Here are some real life examples of government data breaches, and lessons to be learned for your local government:
Government Data Breaches At the Local Level
Local government data breaches are becoming much more common because hackers know that many municipal and county governments are using antiquated information technology systems.
Here are a few examples of local government data loss events that occurred as a result of antiquated cybersecurity protocols:
1. Compromised government mainframe in Miller County, Arkansas spreads malware to counties across the entire state.
In 2022, a ransomware attack in Miller County, Arkansas left the local government scrambling to find ways to protect their compromised, out-of-date computer networks. The hackers held local government data hostage, asking for a large ransom in exchange for the return of the government data. However, the local government was not able to execute an IT cybersecurity solution with enough urgency, and the compromised mainframe spread malware to endpoints in 55 different Arkansas counties.
The lesson for your local government:
Do not wait to report a local government data breach to your state or federal government; reporting breaches quickly, as soon as they are noticed, will give your government critical time and resources to mitigate the damage of the attack.
- Report a local government data breach within 72 hours
- Allow for the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) to assist the affected public agencies
- Inspect the cyber security measures of private-sector partners before a breach occurs
Read about New Jersey’s new 3-Day Cyber Attack Reporting Law and Consider ways to manage government data breaches in your local government. This article has helpful information even if you are not from the garden state; local governments in all states that will likely have similar laws put in place soon.
2. Atlanta declines to pay a ransom for stolen government data, fix costs millions in city funds
A 2018 remote ransomware cyber attack against the city of Atlanta’s obsolete computer networks left multiple local departments using pen and paper for more than a week. After a remote hacker broke into the system and the city refused to meet the hacker’s demand for $51,000 in Bitcoin, the city lost up to $17,000,000 in costs directly related to the hacking event and costs to resolve.
- Note: If compromised, the FBI recommends NOT paying ransom for government cyber attacks.
The lesson for your local government:
Don’t wait for a cyber attack to strike to upgrade your local government IT systems. If you’re still using physical on-site servers, you’re giving hackers an incentive to target your computer systems and exposing yourself to the possibility of losing critical government data and records forever and/or being extorted for millions of dollars. Upgrading to the cloud ensures that you’re up-to-date with government cybersecurity protocol and have guaranteed data storage back-up of critical data.
Learn more in the guide to Government Data Storage: In-House vs Cloud Servers.
3. 22 townships in Texas were hit with a coordinated ransomware attack
If you’re working for a local government in a small township, don’t think that means you won’t have to worry about hackers and ransomware attacks. In 2020, Russian hackers targeted small towns across the state of Texas, preventing constituents from paying water bills, the governments from processing payrolls, and government workers from accessing critical data.
As it turns out, in the middle of the night Texas, Russian hackers across the world “were burrowing into networks,” leaving encrypted messages to let local townships know they’d been hacked. The state-wide hack occurred after a private firm connecting Texas communities with a statewide law enforcement database was breached. While this hack occurred through no fault of the local governments, a private-sector partner was compromised, leaving Texas local governments vulnerable all the same.
The lesson for your local government:
Be thorough and careful about private-sector partners you associate with and provide critical constituent data to. When deciding on technology partners, be sure to enquire about their IT protocols and measures to prevent cyber attacks. GovPilot is constantly embracing the latest government IT technology and methodology meant to deter cyber attacks and secure data. You can learn more about GovPilot’s modern approach in our government cybersecurity overview.
Read on to learn everything you need to know about vetting and working with private-sector partners in 2023.
Your local government should craft a Local Government Cybersecurity Management Plan similar to the one recently deployed in New York in order to stay on top of cyber security measures in your municipality.
3. Fresno, California lost more than $400,000 as a result of a phishing scam
A phishing scam in which a hacker posed as a real contractor working on a public building invoiced the city for $400,000. Changing only the account number, while using the contractor's letterhead, a government city employee accepted the payment and mistakenly sent the hacker taxpayer-funded dollars.
The lesson for your local government:
Cybersecurity training for local government workers is critically important for preventing government data breach events. In the situation above, an employee made an honest mistake that could’ve been avoided with proper training on phishing scams. Protect your local government data, and funds by teaching government employees how to prevent cybersecurity attacks.
To learn more about how to train government workers against cyber attacks, read the Government Cybersecurity Training: What to Teach Government Workers guide.
Government Data Breaches At the State Level
1. Texas Comptroller’s Office Costs State Millions & Constituents Their Private Data
Government data breaches aren’t a new phenomenon. Back in 2011, more than 3,500,000 Texans’ names were publicly displayed along with their social security numbers on the Texas comptroller's website for a year until the data breach was caught and addressed. This year-long ongoing data breach crisis negatively impacted thousands of Texas citizens because their government offices were not properly secured.
While Texas law requires that private government files are encrypted, the names and private information were leaked as a result of protocol not being followed. Files submitted from the Teacher Retirement System of Texas, the Texas Workforce Commission, the Employees’ Retirement System of Texas, and the Texas Workforce Commission to the comptroller's department were not encrypted, leading to the public display of constituent’s most private and sensitive information.
Millions of dollars were spent in notifying constituents that had their information leaked, working with IT consultants to alleviate issues, and in lawsuits with enraged constituents that were affected.
The lesson for your local government:
Protocols are in place for a reason. Failure to follow protocol stems from the top, meaning municipal and county leadership needs to keep a keen eye on employees to make sure cyber security measures are being met unless they're prepared to face harsh criticism from the public when a cyber attack occurs.
Keep in mind, GovPilot government software is encrypted, ensuring that your data across government departments is safe and secure.
2. Data breach in Georgia’s Secretary of State Office exposes 6,100,000 constituents’ private data
In 2015, a government data loss event known as the #PeachBreach, left more than 6.1 million Georgian constituents with their personal information exposed, including, “voter’s birthdates, driver’s license numbers, and social security numbers.”
The government security breach came as a result of the accidental inclusion of sensitive information in a document regularly distributed by the office to various organizations. Once again, sloppy protocol allowed a lower tier government employee to let private constituent data slip through without internal systems catching the issue.
The lesson for your local government:
Documentation being distributed by your local government to the public needs to be reviewed internally as a cyber security measure, even for documents released or updated on a weekly basis. If not, an ordinarily innocuous process could result in personal data of your local government and/or constituents being released to the public.
Learn more about how public record technology and public record request software can help.
Government Data Breaches At the National (and International) Level
1. Hackers target the U.S Department of Transport employee travel expense funds
On May 12, 2023, personal information pertaining to 237,000 US government employees was reportedly exposed in a Department of Transport data breach when anonymous hackers attempted to steal funds from the department. The breached system processes “TRANServe transit benefits”, which are transportation expenses that commuting government employees can claim back for their travel costs. The U.S Department of Transport told Congress in an update last week that it had “isolated the breach to certain systems at the department used for administrative functions”. As of now, it appears that no systems that deal with transportation safety were affected because the funds were the main incentive of this attack.
The lesson for your local government:
Be aware that large government funds in non-secured systems can entice hackers who are looking to steal government money. Take precautions to protect valuable servers and systems before an attack occurs, and government employees are left to suffer their personal information and data being leaked.
Wondering which grants and resources your local government can utilize to make your government data more secure against cyber attacks? Check out this article on Federal Cybersecurity Grants for Local Governments to upgrade digital security in your community.
2. Chinese hackers steal passwords to access to US defense and technology firms
Chinese hackers managed to steal passwords from U.S. firms working with the federal government to obtain critical and sensitive information about the inner workings of United States defense technology contracts.
By December, 2021, the number of suspected targets reached five, with hundreds of other companies posing similar data breach risks at the hand of foreign entities like China and Russia.
The lesson for your local government:
Encourage government workers to use convoluted, difficult to guess passwords (like the Google generate a password feature) so that your local government isn’t at risk of a data breach as a result of a stolen password. Make sure passwords are changed regularly and updated from initial generically assigned passwords like ones an IT department might set up on a computer for a new employee.
3. 2022 Cyber Attack on Israel government websites - thought to be the largest in the country's history!
In March 2022, the Israeli government faced what may be its largest cyber attack against its government to date. In what’s known as a DDos attack, Israeli government websites including the ministry of the defense and ministry of the interior, were inaccessible for several hours before being restored.
In the past, Iran has been linked to Israeli cyber attacks, though the culprit for this data breach has not been confirmed.
The lesson for your local government:
Russian hackers aren’t the only threat you need to be worried about. Threats from geopolitical enemies like Iran and China pose a major threat to U.S government’s; but don’t forget that hackers can even be in your own backyard here in the US. Be wise about who you’re sharing critical data with, especially when communicating with people outside of your region, (and especially if it’s international).
How to Prevent Government Data Breaches?
The honest truth is that cyber attacks will remain an ongoing issue for years to come. As hackers grow more advanced in their techniques, communities that fail to prepare for cyber attacks are preparing to fail both their citizens and municipal employees.
Here are some ways to mitigate the risk of a local government cyber attack:
1. Spend Federal Grant Funds on Improving Digital Infrastructure
The federal government has approved billions in grants for local governments to improve their digital infrastructure via the American Rescue Plan Act and the Infrastructure Investment and Jobs Act. Both bills grant local governments to allocate funds towards preventing data breaches by improving broadband infrastructure, arming against government hacking tools, and embracing cloud-based government software.
Learn more with these resources:
- What is the American Rescue Plan? What It Means for Local Government
- Infrastructure Investment and Jobs Act: What It Means for Local Governments
- BEAD Broadband Grants for Rural Local Governments
2. Double Down on Your Local Government IT Department
In addition to recruiting great government tech workers to fill government cybersecurity and manage your community’s information technology systems, you’ll need to have an organized IT ticketing strategy to ensure bugs in the system and/or potential cybersecurity threats don’t go unnoticed.
With government management software, IT ticketing is an automated process, where tech issues from other government departments are automatically timestamped and added to the government IT ticketing software module for easy accessibility. With GovPilot, municipal workers in Atlantic City reported a decline from 48 hours to respond to a tech issue to just 7 minutes!
Learn more in our local government IT resources here:
- Modern Local Government IT Strategy Guide
- How to Form a Government Disaster Recovery IT Framework
- How Atlantic City Fixed It’s IT Ticketing System with GovPilot
3. Avoid Using Physical On-site Servers for Storing Government Data
Physical on-site servers for data storage are obsolete and are usually prime targets for a cyber attack as a result. Physical servers are also prohibitively expensive to maintain; especially for small to mid sized local governments who will have to continuously update and protect equipment from both cyber threats and physical threats. Physical threats and disasters such as fires or floods which can cause a loss of data and services just as devastating as digital attacks.
With the cloud, your data is automatically backed up on a regular basis, meaning you’ll never have to fear the permanent loss of your government data. Cloud providers regularly push system updates and upgrades meaning your government management platform will be as modern and secure as possible.
Here are tips for mitigating the threat of natural disasters:
3. Regularly Train Government Workers on Cyber Security Protocols
Phishing scams affect people that are caught off guard every single day. Government workers using ‘12345’ or ‘password’ as a password gives hackers a chance to break into your local government with just a few guesses.
In order to prevent an embarrassing and expensive data breach in your local government, you’ll need to offer annual cyber security training that explains how to prevent data breaches and why this training is growing more important year by year.
Address and Prevent Local Government Data Breaches Now
Clearly, whether you're a representative of a major city or a small, local government, data breaches as a result of cyber attacks pose a threat to your community. To prevent the loss of critical data and/or millions of dollars at the hands of a ransomware attack or other cyber weapons, you’ll need to be proactive instead of reactive in adopting secure digital infrastructure. Consider automating IT ticketing for fast internal IT issue reporting and resolution.
To learn more about upgrading to a unified, secure government management platform, book a free 15-minute consultation today!
Government Data Loss Prevention FAQs
-
What Are The Best Protocol Measures for Preventing a Government Data Breach?
At a high-level, here’s how you should be preventing cyber attacks from striking your local community:
- Offer cybersecurity training for all municipal employees
- Use cloud-based software for your local government systems and departments
- Hire qualified IT officials that understand how to protect your local government against government data breaches and critical infrastructure attacks
- Use IT ticketing software to simplify and organize ticketing workflows
- Ensure private sector partners are using cyber secure networks that are not vulnerable to a cyber attack
-
How Much Does a Government Data Breach Cost?
A government data breach can cost tens of thousands if you opt to pay a ransom. (It is recommended governments NOT pay) Recent hackers that stole government data from Atlanta and Newark demanded between $30,000 and $51,000 in Bitcoin for the safe return of government data.
If data is lost for good, it can cost millions to recuperate your losses. After Atlanta decided not to pay their ransom, the speculated cost for the city government was upwards of $17,000,000 in taxpayer dollars to repair and secure systems.
-
What Are Common Government Data Breaching Tactics?
A few of the common ways governments are hacked into according to cyber security threat intelligence include:
- Hacking private sector partners to gain access to public sector data
- Phishing scams sent to government workers
- Breaking into antiquated physical servers with easy points of entry for a sophisticated hacker
-
How to Respond if Your Local Government Data is Breached?
A local government cyber attack response plan has never been more vital; You’ll need to work with state and federal officials to overcome a major data breach. Federal departments to contact include your local FBI office, the Secret Service, and the Internet Crime Complaint Center. Your state’s IT office will also need to be contacted.
In the instance that a hacker demands a ransom for the return of lost government data, you’ll need to weigh the pros and cons of meeting (or not meeting) their demands. Not paying the ransom can result in spending millions of taxpayer dollars to alleviate the situation. If you do pay, however, you send a message to other hackers that if they successfully breach your data, they can expect to receive payment. The FBI recommends NOT paying the ransom.
For more helpful resources for your local government, read on:
- Local Government Disaster Preparedness Guide
- Continuity of Government: Government Procedures During a Crisis
- Modern Government Trends, Events, & Technology
- Best Software for Government Procurement
- Government Cybersecurity: How to Prevent Ransomware Attacks
- Government Blockchain: How Local Government Can Use Crypto
- How Local Governments Can Encourage Civic Engagement
Sources:
Cyber attacks USA 2022, 2023 | KonBriefing.com By Kon Briefing
Data Breach By Investopedia
Reporting Computer, Internet-related, Or Intellectual Property Crime By The United States Department of Justice
Texas Comptroller's Massive Data Breach Will Cost State Millions By Forbes
Israel Says Government Sites Targeted By Cyberattack By Alijazeera
Behind the #PeachBreach: How the Secretary of State’s office compromised the personal data of Georgia's voters - Atlanta Magazine By Atlanta Magazine
ISO/IEC 27001 ISMS Precertification Audit - January 2018 By City of Atlanta, City Auditor’s office
Data Breaches: What They Are, Why They Occur, and How to Prevent Them | Flashpoint By Flashpoint
Significant Cyber Incidents | Strategic Technologies Program | CSIS By The Center For Strategic and International Studies
Data Breaches That Have Happened in 2022 and 2023 So Far By Tech.co