Hacker changed chemical level at Oldsmar water treatment facility
Thanks to a vigilant operator and several redundancies, officials say the heightened level of sodium hydroxide never caused a public threat.
OLDSMAR, Fla. — A hacker gained access to Oldsmar’s water treatment plant, bumping the sodium hydroxide in the water to a “dangerous” level, Pinellas County Sheriff Bob Gualtieri said.
In a press conference Monday, Gualtieri said his deputies, along with the FBI and U.S. Secret Service, are investigating the breach as it is unclear if it came from within the U.S. or from a foreign actor.
The incident first occurred on Feb. 5 at the city’s water treatment plant when, around 8 a.m., an operator noticed someone had remotely entered the computer system that he was monitoring. It’s a system responsible for controlling the chemicals and other operations of the water treatment plant, Gualtieri said.
At first, the operator did not think much of the action due to the common use of the remote access software by supervisors to troubleshoot from different locations. That’s until it happened again.
And this time, Gualtieri says, the hacker did more than just remote in. According to the sheriff, the hacker spent up to five minutes in the system and adjusted the amount of sodium hydroxide in the water from 100 parts per million to 11,100.
“This is obviously a significant and potentially dangerous increase. Sodium hydroxide, also known as lye, is the main ingredient in liquid drain cleaners,” Gualtieri added.
RELATED: Oldsmar water treatment plant hack: 5 things to know about water safety, other cyberattacks
