Cyber Incident Victim: City of Pembroke Pines

On or around January 13, 2022, Pembroke Pines, Florida, experienced a ransomware attack that disrupted municipal operations by briefly knocking city computer systems offline. City spokeswoman Marianne Wohlert confirmed the incident’s occurrence date, though the specific intrusion method and initial attack vector remained undisclosed. The ransomware compromised the city’s ability to access critical systems, forcing operational adjustments. Officials characterized the event as a criminal act wherein attackers encrypted network data to extort payment, though no ransom demands or payment discussions were publicly disclosed. Internal staff collaborated with unspecified cybersecurity specialists to restore functionality, prioritizing system recovery while assessing the scope of compromise. The city’s computer downtime was described as brief, with commissioners acknowledging a relatively swift resolution to the immediate technical disruption.

Pembroke Pines reported the incident to federal law enforcement agencies, including the FBI and Secret Service, aligning with standard protocols for cybercrime involving critical infrastructure. The attack’s broader implications—particularly regarding potential theft or exposure of resident or employee personal data—were not confirmed, leaving data breach risks unresolved in public communications. No specifics emerged about which municipal departments or services bore the brunt of the disruption, though the city’s general acknowledgment suggested multi-system involvement. The incident echoed recent ransomware events in South Florida, including Broward County Public Schools’ ransom payment and Broward Health’s patient data exposure, though no direct connection between these cases was asserted. Restoration efforts dominated the response, with no post-incident disclosures about residual vulnerabilities, attacker identification, or long-term operational changes.