Carolina Beach Hit by Two Cyberattacks, Losing Nearly $500,000 in Government Funds
Carolina Beach officials disclosed on February 11 that the town fell victim to two cyberattacks in December 2025, resulting in the theft of $487,994.80 from its enterprise and general funds. The enterprise fund covers critical services like water, sewer, stormwater, and parking, while the general fund supports daily operations, wages, and public safety.
The first attack, discovered on December 23, led to a $200,000 loss after a missing payment alerted staff. The second, detected on January 6, accounted for the remaining $287,994.80. Town Manager Bruce Oakley confirmed finance staff identified the missing funds during a routine account review, though officials declined to provide specifics on the attack methods or vulnerabilities, citing an ongoing joint investigation by the Carolina Beach Police Department and the FBI.
Mayor Lynn Barbee emphasized that no town policies were violated and no personal or sensitive data was compromised. However, he noted the attacks mirrored an unrelated FBI investigation in another state, with Police Chief Vic Ward confirming the source was international.
The town’s cybersecurity insurance covers only $25,000, leaving the remaining losses to be absorbed by the general fund. Oakley expressed confidence in the town’s financial stability, citing years of budget surpluses, but acknowledged potential future budget amendments to recover the funds. Officials are also considering increasing insurance coverage.
The attacks occurred amid a cybersecurity overhaul following a National Guard assessment in 2024, which identified vulnerabilities as hacking tactics grow more sophisticated. In response, the town has implemented multi-factor authentication, stricter password policies, enhanced staff training, and encrypted data handling. Recent policy changes include limiting payment approvals without verbal verification and removing a public access terminal due to privacy and security risks though the terminal was unrelated to the attacks.
Carolina Beach continues working with its IT vendor, Dataprise, and cybersecurity experts to strengthen defenses. The incident follows a similar $650,000 loss in Pender County in late 2025, where scammers impersonated a water vendor to redirect payments. The FBI’s 2024 Internet Crime Report highlighted a 33% increase in U.S. cybercrime losses, totaling $16 billion.
Carolina Beach TPRM report: https://www.rankiteo.com/company/carolinabeach
"id": "car1771050416",
"linkid": "carolinabeach",
"type": "Cyber Attack",
"date": "2/2026",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Residents and service users '
'(water, sewer, stormwater, '
'parking)',
'industry': 'Government',
'location': 'Carolina Beach, North Carolina, USA',
'name': 'Carolina Beach',
'type': 'Municipality'}],
'data_breach': {'personally_identifiable_information': 'None',
'type_of_data_compromised': 'None'},
'date_detected': ['2025-12-23', '2025-01-06'],
'date_publicly_disclosed': '2026-02-11',
'description': 'Carolina Beach officials disclosed that the town fell victim '
'to two cyberattacks in December 2025, resulting in the theft '
'of $487,994.80 from its enterprise and general funds. The '
'attacks targeted critical services and daily operations.',
'impact': {'data_compromised': 'None',
'financial_loss': '$487,994.80',
'identity_theft_risk': 'None',
'operational_impact': 'Potential future budget amendments to '
'recover funds'},
'investigation_status': 'Ongoing (joint investigation by Carolina Beach '
'Police Department and FBI)',
'lessons_learned': 'Cybersecurity vulnerabilities identified; need for '
'increased insurance coverage and stricter payment '
'verification processes.',
'motivation': 'Financial Gain',
'post_incident_analysis': {'corrective_actions': 'Cybersecurity overhaul '
'including MFA, password '
'policies, staff training, '
'and encrypted data handling',
'root_causes': 'Vulnerabilities identified during '
'National Guard assessment in 2024; '
'sophisticated hacking tactics'},
'recommendations': ['Increase cybersecurity insurance coverage',
'Continue enhancing cybersecurity measures (e.g., MFA, '
'training)',
'Implement stricter payment approval protocols'],
'references': [{'source': 'Carolina Beach Official Disclosure'},
{'source': 'FBI 2024 Internet Crime Report'}],
'response': {'law_enforcement_notified': 'Yes (Carolina Beach Police '
'Department, FBI)',
'remediation_measures': ['Multi-factor authentication',
'Stricter password policies',
'Enhanced staff training',
'Encrypted data handling',
'Limiting payment approvals without '
'verbal verification',
'Removal of public access terminal'],
'third_party_assistance': 'Dataprise (IT vendor), cybersecurity '
'experts'},
'threat_actor': 'International',
'title': 'Carolina Beach Cyberattacks Resulting in Nearly $500,000 Loss',
'type': 'Financial Fraud'}