A Florida Tax Collector's Office has blamed malware found on an employee's computer for a data breach that affected around 450,000 residents of Polk County.
The breach occurred in June at the Tax Collector’s Office for Polk County (TCPC). Information exposed in the attack included Social Security numbers and driver's license numbers.
In a statement issued on July 15, Tax Collector for Polk County Joe Tedder said that his office was "subject to a new strain of a targeted computer virus attack not seen before."
The attack occurred at around 2:15 pm on June 23 after an office employee clicked on what turned out to be a malicious email attachment disguised as an invoice.
Tedder's office said that the incident was "quickly recognized" by the IT team, who "took immediate action to mitigate the threat." In an attempt to prevent the virus from spreading, the office's entire computer system was shut down, including telephones, online processing, and service center operations.
Following the attack, all of the office's PCs were wiped clean and restored and third-party computer forensic specialists were brought in to determine the scope of the incident.
A subsequent forensic investigation completed on July 11 concluded that driver's license numbers had potentially been accessible to an anonymous third party.
The investigation found no evidence that personal information was subject to actual or attempted misuse.
“We believe exposure was very limited,” Tedder told WFLA.
Tedder's office stated: "Although the investigation found no evidence that any information was misused, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements for unusual activity or errors."
Once the compromised computer system was back up and running, it was determined that no access had been lost as a result of the attack.
"The Tax Collector’s Office is currently able to report that we did not lose access to our systems, backups, or other operational data," said the TCPC.
"However, in an abundance of caution to address this new strain of computer virus, TCPC has implemented additional safeguards to further secure system information."