Cyber Incident Victim: Leesport borough
Date:
Dec 2019
Location:
United States of America
Summary
A Pennsylvania borough's tax collector computer system was breached, prompting officials to issue emergency alerts advising residents to contact their banks and place holds on their accounts. The Northern Berks Regional police confirmed the intrusion, though the scope of compromised personal data remained unclear during initial investigations. Borough representatives provided no further details about the extent of the breach or specific data impacted while law enforcement inquiries were ongoing.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around December 6, 2019, the Leesport Borough Tax Collector in Pennsylvania discovered a cybersecurity incident involving the compromise of the tax collector’s computer system. Upon identifying the breach, the Tax Collector’s office issued an urgent email alert to residents advising them to contact their banks and place holds on their accounts as a precautionary measure. The email explicitly stated, "Our Tax Collector's computer was compromised," though it did not specify the method of intrusion or the timeline of unauthorized access. Concurrently, Borough Councilman Bruce J. Reimer Sr. amplified the alert by posting a Code Red Emergency Alert message from the borough on his Facebook page. This public notification reiterated the breach disclosure and emphasized the uncertainty regarding the scope of compromised data, stating, "At this time, we do not know to what extent or how much personal data has been compromised." The borough’s legal counsel advised residents to act swiftly to secure their financial accounts while the incident remained under investigation.
The Northern Berks Regional Police Department confirmed the occurrence of the breach but did not release technical details about the attack vector, the perpetrators, or the specific systems affected beyond the tax collector’s computer. No evidence was provided regarding whether the breach involved malware, phishing, or external network intrusion. Borough officials, including Tax Collector M. Jane Lauser and Councilman Reimer, refrained from issuing additional updates or clarifying the nature of the compromised data during the initial reporting period. The incident prompted an immediate law enforcement investigation, though no findings or progress reports were disclosed publicly at the time. Residents were left with generalized warnings to monitor their accounts, as the borough had not yet determined whether sensitive information such as bank details, Social Security numbers, or tax records had been exfiltrated. The absence of concrete details about the breach’s impact or remediation steps underscored the preliminary stage of the response effort.