Cyber Incident Victim: Florida Department of Business and Professional Regulation

On October 7, 2020, the Florida Department of Business and Professional Regulation (DBPR) detected malicious activity within its computer systems, triggering an immediate operational disruption. The incident caused extended outages across the department's digital infrastructure, with systems remaining offline through the following Monday. These outages disrupted public access to the agency's online services, which handle licensing and regulatory functions for multiple business sectors statewide. While public-facing services were restored by October 20, internal system resources continued experiencing intermittent disruptions as agency personnel worked to eliminate residual threats. The Florida Department of Law Enforcement (FDLE) initiated an investigation into the incident at DBPR's request, though the origin and nature of the malicious activity remained unidentified at the time of reporting. Secretary Halsey Beshears publicly confirmed the investigation but provided no specifics regarding attack vectors or potential threat actors.

DBPR's forensic review found no evidence that personally identifiable information—including Social Security numbers, addresses, or other sensitive data—was compromised during the incident. The agency maintained this assessment throughout the immediate response phase. This event occurred independently of an unrelated October 5 technical failure in Florida's voter registration system, which state officials attributed to misconfigured servers rather than malicious cyber activity. Technicians resolved the voter system disruption through server reconfiguration and capacity expansion within the same operational timeframe. Both incidents caused temporary service interruptions across separate government systems, though only the DBPR outage involved confirmed malicious activity requiring law enforcement intervention.