JACKSONVILLE BEACH, Fla. — A cybersecurity attack potentially compromised thousands of people’s private information, specifically those who have homes in Jacksonville’s three beaches, Ponte Vedra and Palm Valley.
>>> STREAM ACTION NEWS JAX LIVE <<<
The City of Jacksonville Beach sent out a statement, Wednesday, about a data security incident. The release stated the breach may have affected the privacy of information for certain employees of the City and customers of Beaches Energy Services, a utility that serves 35,000 customers according to its website.
[DOWNLOAD: Free Action News Jax app for alerts as news breaks]
Action News Jax learned on Thursday that the city was listed on a website found on the dark web. It has since been removed.
While the City of Jacksonville Beach won’t release how many people have been impacted, Action News Jax learned through the Maine Attorney General’s Office that 48,949 people have been impacted, including thirty-eight Maine residents. (Office of the Maine AG: Consumer Protection: Privacy, Identity Theft and Data Security Breaches) We’ve reached out to the Florida Attorney General’s Office for comment but haven’t heard back.
“About a month ago, I noticed that I wasn’t getting charged or any email confirmations,” Cierra Glasgow said. “So, I knew something was happening. I just never got notification that anything was wrong.”
Glasgow has been a Beaches Energy customer for four years and has her billing set up to auto-pay. She said she still hasn’t received any communication on why there’s a payment delay.
“It’s definitely concerning for the people that do pay online with our banking information, social security on there,” Glasgow said. “It’s definitely an unsettling feeling knowing that that could be in the hands of hackers.”
An investigation revealed that between the dates of January 22 and January 29, information may have been taken from the city network, according to the City of Jacksonville Beach spokesperson.
Action News Jax told you at the end of January, when the city had an “information systems issue” due to a “cybersecurity event” that forced city hall and city facilities to close down on Monday.
RELATED: ‘They’re softer targets:’ Jax Beach ‘cybersecurity event’ highlights larger concern, expert says
At the time, the city said it had “no indication” that personal, sensitive data was compromised.
Action News Jax reporter, Meghan Moriarty, learned on Thursday that the City was given information on February 22 indicating that sensitive information “pertaining to certain individuals” was involved in the cybersecurity incident from January.
In a formal statement Wednesday, the city said its’ employees and customers of Beaches Energy Services may have been impacted, including social security numbers, driver’s license information and bank account information.
When we asked about the gap in notification a spokesperson said:
“Comprehensive computer forensic investigations take time. After the City identified certain files were involved in the event during the investigation, it began a thorough review of those files to determine their contents and to obtain contact information for individuals so that it could issue written notice.”
— City of Jacksonville Beach spokesperson
“I think you can also assume that your login credentials were stolen, so maybe change your username and password, certainly your password across all your platforms you use,” Chris Freedman, the CEO of OnDefend, said.
He said smaller municipalities have become the big target for cyber attacks.
“They really have unsecure programs and they’re softer targets,” Freedman said. “If the data was stolen, it’s likely for financial reasons, for profitable reasons. So certainly, checking their credit, freezing their credit.”
Freedman recommends taking proactive measures by monitoring your identity and monitoring your credit. He also recommended ‘Have I been Pwned’ a website where you can check if your information is involved in a data breach.
A City of Jacksonville Beach spokesperson said if your information was compromised, you’ll get a letter in the mail with information and a code to use a credit monitoring service. Anyone who believes they are potentially impacted by this incident or have additional questions may call the dedicated assistance line at 844-709-0703.
The city also said it would work with customers for any unpaid balances by providing more time to do so.
“The City will not resume disconnection of utility services for non-payment until after we return to monthly billing on regularly scheduled cycles. Additionally, we will provide our customers adequate time to pay any balances that may be outstanding due to the interruption in billing. We will continue to inform Beaches Energy customers as we restore systems and return to normal operations.”
— Karen Nelson, Deputy City Manager of Jacksonville Beach
[SIGN UP: Action News Jax Daily Headlines Newsletter]
Beaches Energy customers should feel safe using the online payment platforms, according to the city representative. However, you can also pay in person at Jacksonville Beach City Hall.
Click here to download the free Action News Jax news and weather apps, click here to download the Action News Jax Now app for your smart TV and click here to stream Action News Jax live.
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/VIBAZNKLLZFBDI54LSHBQPENAA.png)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/VAM4IBO2KVGI7GDIPZEILKRCM4.jpg)
:quality(70)/d1hfln2sfez66z.cloudfront.net/04-27-2024/t_a52b4340b0444d7ea55162aca9ac4b17_name_file_960x540_1200_v3_1_.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/4HHTP2EADNFKNEYWPXQPRZT5XE.jpg)
:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/cmg/NGMKLAKH5NF27JQOAGV7JN25OU.jpg)