Cyber Incident Victim: Atlanta Department of Public Works
Date:
May 2015
Location:
United States of America
Summary
Hackers compromised a US electric-sign company's digital billboard network, displaying an obscene image that prompted public alarm and police response, ultimately forcing the owner to cut power to the affected signage. The attackers exploited weak passwords on internet-connected administration systems, with security researchers noting prior warnings about vulnerabilities that the company allegedly dismissed; additional billboards in multiple states were similarly breached during the incident. Federal authorities initiated an investigation, while an unverified group claimed responsibility for the coordinated attack via social media.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On May 14, 2015, hackers compromised a large video billboard in Atlanta operated by Yesco, a major US electric-sign company, forcing it to display an obscene image commonly circulated by internet pranksters. The unauthorized content triggered public alarm, resulting in multiple calls to local police. Yesco responded by cutting power to the affected billboard to terminate the display. Investigators determined the attackers exploited an easily guessable password protecting the billboard’s internet-connected remote administration system, enabling unauthorized access. The incident drew involvement from the FBI and Department of Homeland Security, who launched investigations into the breach. Concurrently, other Yesco-operated billboards in unspecified US states reportedly displayed altered content during the same period, suggesting a coordinated attack.
Security researcher Dan Tentler publicly disclosed he had previously identified vulnerabilities in Yesco’s billboard systems and attempted to alert the company, but received no interest in his findings. Tentler noted hundreds of similarly configured billboards remained exposed online even after the Atlanta incident, accessible via weak authentication measures. An entity self-identifying as the Assange Shuffle Collective claimed responsibility for the hack in a Reddit post, though no independent verification corroborated this assertion. Yesco faced scrutiny over its security practices due to the breach’s simplicity and prior warnings. The incident highlighted systemic vulnerabilities in networked public advertising infrastructure, though no additional technical specifics about the attack methodology or further remediation steps by Yesco were publicly confirmed in the immediate aftermath.