Cyber Incident Victim: City of North Miami
Date:
Aug 2024
Location:
United States of America
Summary
The City of North Miami experienced a possible cyber breach affecting its network systems, prompting the closure of City Hall and suspension of critical services including permits, payments, billing, and passport processing. The IT department was notified of the incident, leading to an ongoing investigation involving the FBI and local law enforcement agencies; officials have not yet confirmed whether resident or personnel data was compromised or if financial systems were impacted. Manual safeguards were implemented to protect payroll operations, while city staff worked to restore partial functionality to essential services amid resident frustrations over prolonged disruptions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 4 motives | 5 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The City of North Miami experienced a disruptive cybersecurity incident beginning on or before August 4, 2024, when its IT department was notified of a possible network breach. By August 6, City Hall remained closed indefinitely as officials worked to contain the incident, with a public notice on the municipal website confirming a "possible breach affecting its network system." The closure suspended all municipal operations conducted through City Hall, including permitting, payment processing, billing services, and passport applications. Residents expressed frustration over the inability to conduct essential business, with one individual citing specific difficulties resolving a permitting matter and criticizing the city's lack of contingency planning. City officials declined to provide on-camera statements but confirmed involvement from the FBI, Miami-Dade Police, and North Miami Police in the ongoing investigation. No attribution for the attack had been established, and authorities could not confirm whether perpetrators issued demands, accessed resident personal data, compromised employee records, or infiltrated municipal financial systems or bank accounts.
Municipal leadership implemented immediate manual safeguards to protect payroll systems while developing plans to restore critical services. Mayor Alix Desulme stated that department directors were finalizing operational workarounds to resume limited municipal functions, though no timeline was provided for full restoration. The mayor anticipated receiving a comprehensive incident briefing on August 6 or 7 to assess containment progress and operational impacts. No technical details regarding the attack vector, malware presence, data exfiltration evidence, or system recovery protocols were disclosed publicly. Service disruptions persisted without resolution timelines, leaving residents unable to access routine municipal transactions as law enforcement investigations continued without conclusive findings regarding the breach's origin or scope.