Cyber Incident Victim: North Miami Beach Police Department
Date:
Feb 2020
Location:
United States of America
Summary
The North Miami Beach Police Department experienced a ransomware attack discovered by its information technology personnel, prompting immediate system shutdowns and engagement with federal law enforcement including the FBI and U.S. Secret Service, alongside local police and third-party forensic experts. Public safety operations remained uninterrupted, with no evidence of impact on other municipal departments, though investigators were assessing potential unauthorized access to personal data of residents, employees, or vendors. No threat actor claimed responsibility for the incident at the time of reporting, distinguishing it from other recent ransomware attacks targeting Florida municipalities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 4, 2020, the North Miami Beach Police Department identified a ransomware infection affecting its computer systems. Information technology personnel within the department detected the malicious activity and promptly initiated containment protocols by shutting down compromised systems. The department immediately notified federal law enforcement agencies, including the Federal Bureau of Investigation and U.S. Secret Service, while also engaging the Miami-Dade Police Department for coordinated support. Despite the cyber intrusion, the city confirmed no disruption occurred to critical public safety operations, with police continuing regular patrols, emergency response activities, and routine service delivery to residents. Initial assessments indicated the ransomware exclusively impacted police department infrastructure without spreading to other municipal departments or city services. Authorities maintained operational continuity through alternative procedures while affected systems remained offline during the forensic examination.
The city launched a multi-agency investigation involving federal partners, county law enforcement, and third-party forensic specialists to determine the attack's origin, methods, and objectives. Investigators focused on identifying whether threat actors accessed or exfiltrated personal information belonging to residents, employees, or vendors during the incident. While the specific ransomware variant remained unidentified publicly, cybersecurity analysts noted possible connections to broader targeting of Florida municipalities though no group claimed responsibility. North Miami Beach officials withheld technical details about the attack vector and ransom demands pending the ongoing investigation, emphasizing their commitment to securing systems and protecting citizen data through collaborative remediation efforts. The city provided no further public updates beyond its initial February 7 statement while maintaining police services through established contingency protocols.