Cyber Incident Victim: South Walton Fire District
Date: May 2022
Location: United States of America
Summary
The South Walton Fire District experienced unauthorized network access compromising sensitive patient information, including personal identifiers, medical details, and health insurance data for individuals transported or treated by the organization over a multi-year period. The breach involved exposure of names, addresses, Social Security numbers, dates of birth, treatment histories, and diagnostic information. Following the incident discovery, the organization secured its digital systems without ransom payments and implemented enhanced security measures to fortify data protection protocols.
Description
On May 30, 2022, the South Walton Fire District (SWFD) identified unauthorized access to its network, prompting an immediate investigation. The inquiry determined that attackers potentially accessed sensitive patient information spanning individuals transported or treated by the district between 2007 and 2019. Compromised data included full names, physical addresses, Social Security numbers, dates of birth, and specific medical details such as treatment dates, diagnostic information, and health insurance data. The breach exposed individuals to risks of identity theft and medical fraud due to the highly sensitive nature of the stolen identifiers and health records. No evidence suggested data misuse at the time of notification, but the 12-year exposure window created a substantial population of potential victims. Local media reports emphasized the historical scope of affected records, covering ambulance transports and medical responses over more than a decade. SWFD did not publicly disclose the exact number of impacted individuals or the technical method of intrusion.

SWFD confirmed it contained the breach without paying ransom demands, though it did not specify whether ransomware was involved. The organization implemented enhanced security measures across its digital infrastructure following containment, adding multiple layers of data protection to prevent recurrence. Public notification occurred on November 21, 2022, nearly six months after discovery, with affected parties receiving direct alerts about the exposure of their personal and medical information. The district published a comprehensive breach notice on its official website to provide additional transparency, though the notice did not detail forensic findings regarding attacker origins or motives. No service disruptions to emergency medical operations were reported during or after the incident, indicating successful isolation of compromised systems from critical response functions.
