Hackers Tried to Poison California Water Supply in Major Cyber Attack

A hacker accessed the system of a California water treatment plant in January and deleted several programs used to treat drinking water.

NBC News reported on Thursday that an unidentified hacker carried out the attack on an unspecified water treatment plant on January 15 in the San Francisco Bay Area by using the username and password of a former employee at the facility.

The hacker managed to access the former staff member's TeamViewer account, which allows employees to remotely use their computers, according to a report compiled by the Northern California Regional Intelligence Center in February that was obtained by NBC.

The report claimed that after the hacker logged in to the plant's system, they deleted several programs that the facility uses to treat the drinking water in the area.

The hack was unnoticed until the next day, but when it was discovered the plant reinstalled all the deleted programs and reset the passwords for its employees.

"No failures were reported as a result of this incident, and no individuals in the city reported illness from water-related failures," the report from the unidentified facility said about the hack.

NBC reported that the hacker "tried to poison" the area's water, but Michael Sena, the executive director of the Northern California Regional Intelligence Center, denied that claim while speaking to The San Francisco Chronicle.

"No one tried to poison any of our water. That is not accurate," he said, as Sena explained that tampering with the computer programs would be unlikely to result in any serious widespread poisoning.

"It takes a lot to influence a water supply chain," he said. "For a large impact, there has to be a large change in the chemicals in the system. The amount of chemicals it would take to cause harm to people...the numbers are astronomical."

A few weeks after the incident in San Francisco, a hacker infiltrated the system of the water treatment plant in Oldsmar, Florida, and attempted to add a "dangerous" level of chemicals to the facility's water.

Speaking during a press conference on February 8, Pinellas County Sheriff Bob Gualtieri said that the hack occurred on February 5 at the Oldsmar Water Treatment Facility when someone accessed a TeamViewer account.

Gualtieri said that in the morning a plant employee "noticed that someone remotely accessed the computer system that he was monitoring," which controls the chemicals at the plant, but didn't think much of it as colleagues regularly use the system from home.

At around 1:30 p.m. local time, the employee once again noticed that his computer was being accessed remotely.

"The person remotely accessed the system for about three to five minutes, opening various functions on the screen," Gualtieri said. "One of the functions opened by the person hacking into the system was one that controls the amount of sodium hydroxide in the water.

"The hacker changed the sodium hydroxide from about 100 parts per million to 11,100 parts per million. This is obviously a significant and potentially dangerous increase."

The employee at the plant noticed that the hacker had made changes and was able to lower the level of the chemical. Gualtieri confirmed that "at no time was there a significant adverse effect on the water being treated."

Newsweek has contacted the Northern California Regional Intelligence Center for comment on the hack.

San Francisco water plant accessed by hacker
OAKLAND, CALIFORNIA - APRIL 29: An aerial view of the East Bay Municipal Utility District Wastewater Treatment Plant on April 29, 2020, in Oakland, California. A hacker accessed the system of a California water treatment plant on January 15 and deleted several programs used to treat the drinking water. Justin Sullivan/Getty Images