Cyber Incident Victim: Florida Department of Agriculture and Consumer Services

On May 22, 2017, the Florida Department of Agriculture and Consumer Services (FDACS) disclosed a data breach involving its online payment system, which processed transactions for concealed weapon permits and other applications. Hackers accessed the system approximately two weeks prior, compromising the names of over 16,000 individuals who had renewed concealed weapon permits online. The breach also potentially exposed the Social Security numbers of 469 customers. FDACS detected the intrusion less than 24 hours after it occurred and promptly shut down the affected system. Spokesperson Jenn Meale confirmed the agency traced the attack’s origin to overseas actors but did not disclose the specific intrusion method or suspected perpetrators. The department emphasized that no financial information was compromised and stated any other accessed data constituted publicly available information posing no identity theft risk. Immediate mitigation efforts included system isolation and internal cybersecurity reviews.

FDACS notified all affected individuals following the breach discovery. The 469 customers whose Social Security numbers were exposed received offers for one year of complimentary credit monitoring and fraud alerts. Agriculture Commissioner Adam Putnam, then a gubernatorial candidate, ordered a comprehensive evaluation of the department’s cybersecurity protocols. Florida state law enforcement agencies initiated an investigation into the incident, though no additional details regarding investigative findings or suspect identification were released. The department reiterated its commitment to customer privacy and cybersecurity in public statements, highlighting rapid containment actions but providing no technical specifics about system vulnerabilities or long-term remediation plans beyond the initial response.