JACKSONVILLE BEACH, Fla. — Two months after some Jacksonville Beach city functions went offline, we now know the city was the victim of a cyber attack.
City leaders announced Wednesday private information could be at risk.
The city started experiencing IT issues at the end of January. City emails weren’t working, the automatic ball dispenser at the city golf course was offline and police had issues accessing some reports.
The city’s investigation revealed just how much was taken in the cyber attack.
“Looking at this, it really tracks very closely with a lot of the other attacks we’ve seen in the industry," said Scarlet Group Cybersecurity Expert Tyler Chancey. "In government, in the private sector, it’s been really rough for cyber security.”
Chancey says the rate of cyberattacks peaked during the pandemic, before taking a dip for a few years, but now they seem to be picking up again.
Jacksonville Beach city leaders announced an investigation into January’s cyberattack found out it was a criminal organization that may have taken information from the network.
The attack put city employees and customers of Beaches Energy Service’s data at risk – things like social security numbers, driver’s license numbers, or bank account information.
“Panic is not something you should be feeling for these," said Chancey. "It’s so common place, that you were likely already a victim of this, before anything occurred in Jax Beach.”
Jacksonville Beach leaders believe they’ve identified a criminal organization responsible for the attack.
Chancey says identity theft isn’t typically the end game for cyber criminals who hit a business or municipality.
“The attackers, what they’re trying to do, for the most part, is extort the victim, in this case, the City of Jacksonville Beach," said Chancey. "Identity theft is more of a side effect of what they’re doing, if someone can’t pay it, then they’ll leak the data to the internet, and then that’s how it’ll be out there.”
The City of Jacksonville Beach is encouraging anyone who is concerned about their data to check their statements and consider credit reports and fraud alerts.
Chancey says that’s a great place to start, and calling your bank is a great second step.
“Your bank is going to have a very vested interest in keeping your account safe," said Chancey. "They want to because they’ll lose money too if something happens. Talk to them. They might suggest new cards or account security measures, but it’s worth it.”
A city spokesperson said the reason it took so long to tell everyone about the private information at risk is because computer forensic investigations take time – figuring out what files were involved.
If you’ve been affected, the city will mail you a letter and provide tips for preventing and spotting identity theft.