Cyber Incident Victim: City of Pensacola
Date:
Dec 2019
Location:
United States of America
Summary
The City of Pensacola experienced a disruptive cyberattack that compromised nearly all computer communication systems, including email, phone services, and online payment platforms for utilities and sanitation. While public safety operations such as 911, police, and fire services remained unaffected, officials collaborated with federal and state law enforcement agencies to investigate potential data exposure and restore systems proactively taken offline as a precautionary measure. The incident highlighted growing concerns about sophisticated cyber threats like ransomware and phishing targeting municipal infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On December 7, 2019, a cyberattack disrupted the City of Pensacola’s computer systems beginning at approximately 1:45 a.m., causing widespread operational failures. The incident rendered nearly all City Hall communication systems inoperable, including email and phone services, and disabled online payment systems for Pensacola Energy and city sanitation services. City IT personnel proactively took additional systems offline as a precautionary containment measure, intending to restore functionality after resolving the incident. Public safety operations, including 911 emergency services, police, and fire departments, remained unaffected throughout the event. Officials, including Mayor Grover Robinson, publicly confirmed the attack on December 9 but could not immediately determine whether personal data had been exposed or compromised. The city’s inability to process payments or communicate via standard channels persisted for multiple days, with recovery timelines unspecified.
The City of Pensacola engaged federal and state partners—including the FBI’s Jacksonville Field Office, the Department of Homeland Security, and the Florida Department of Law Enforcement—to investigate the incident’s origin and scope. Authorities explicitly stated they had identified no link between the cyberattack and the fatal shooting at NAS Pensacola on December 6. The University of West Florida Center for Cybersecurity offered technical assistance, noting the attack’s alignment with increasingly sophisticated threats like ransomware and phishing campaigns. While officials emphasized ongoing efforts to assess potential data breaches, they provided no confirmation of data exfiltration or encryption by attackers. Two other Florida municipalities—Lake City and Riviera Beach—had recently paid ransoms totaling over $1 million combined following similar incidents, though Pensacola did not disclose whether ransom demands were involved in its case. Residents were advised to expect prolonged disruptions as restoration efforts continued.