Cyber Incident Victim: City of Tallahassee

On April 3, 2019, the City of Tallahassee experienced a cyberattack targeting its employee payroll system through a breach of its human resources management application. Attackers successfully diverted approximately $498,000 in city funds during the incident. Officials confirmed that foreign actors were suspected in the attack, which exploited vulnerabilities in the HR platform to manipulate payroll disbursements. The breach occurred despite routine attempts by hackers to penetrate the city's network defenses, highlighting the sophistication of this particular operation. While daily intrusion attempts were described as commonplace by city representatives, this attack resulted in substantial financial losses. The stolen funds represented direct fiscal damage to municipal operations, though the specific number of affected employees or accounts was not disclosed in initial reports. No details were provided regarding the exact attack vector, malware used, or duration of unauthorized access prior to detection.

City officials publicly acknowledged the breach on the same day funds were diverted, indicating prompt awareness of the incident. The disclosure emphasized the foreign attribution hypothesis but did not specify investigative methods or evidence supporting this claim. No information was released regarding immediate containment measures, system recovery processes, or whether payroll operations were temporarily suspended. The financial impact—nearly half a million dollars—was confirmed as final, with no indication of partial fund recovery at the time of reporting. The incident underscored persistent threats to municipal infrastructure, though Tallahassee’s existing cybersecurity protocols prior to the attack were not detailed. Public reporting relied exclusively on city statements, with no independent verification of attack origins or forensic findings provided in the immediate aftermath.