Cyber Incident Victim: City of St. Cloud

On March 25, 2024, the City of St. Cloud, Florida, announced via social media at approximately 10:30 a.m. that it had been targeted by a ransomware cyberattack earlier that morning. The attack disrupted operations across multiple city departments, impacting internal systems and phone communications. Customers experienced difficulties reaching city offices by phone, though municipal government functions remained partially operational with workarounds. By 3:45 p.m., the city established a dedicated alert page on its official website (stcloudfl.gov) to disseminate updates as recovery efforts progressed. Authorities confirmed collaboration with unspecified state and local partners to resolve the incident expediently. Critical emergency services including Police and Fire Rescue maintained normal response capabilities for calls throughout the event. Solid waste management services operated without interruption, with all scheduled trash and recycling collection routes proceeding normally.

Specific operational disruptions included temporary cash-only payment requirements for in-person transactions at the Transfer Station and Parks and Recreation Department. Online payment systems for facility reservations and event registrations continued processing credit card transactions without disruption, indicating selective impact on financial systems. The city clarified that external utility providers—including Toho Water Authority, OUC, and the Osceola County Tax Collector's Office—remained unaffected by the incident, confirming the attack's containment within municipal infrastructure. No details regarding the ransomware variant, initial attack vector, data compromise, or ransom demands were disclosed in available updates. Recovery timelines and full restoration status were not specified, with officials characterizing the situation as ongoing and promising further updates through their designated communication channel.