The St. Lucie County Clerk and Comptroller’s public website was compromised Tuesday, redirecting some users to an unauthorized third-party website before staff removed a malicious script, Clerk Michelle R. Miller said.
Miller, in an email to DysruptionHub, said the incident was limited to the clerk’s externally hosted public website and that investigators found no evidence it reached internal systems or data maintained by those systems.
“Upon discovery, the Clerk’s Information Technology staff immediately initiated an investigation and worked with the Clerk’s website hosting provider to identify the issue, restore normal website functionality, and verify the integrity of the Clerk’s systems,” Miller wrote Wednesday.

The website is operational, Miller said, though users may experience slower-than-normal performance while the website database completes re-indexing after restoration.
The Fort Pierce-based clerk’s office manages court records, official records, payments, jury services and other public-facing services for St. Lucie County, making its website a key access point for residents seeking records and online services.
WPTV reported Tuesday that the website was down for hours and redirecting visitors to another site before coming back online at about 1:30 p.m. The station reported that Jose Clavijo, the office’s information technology director, said the office received a report shortly before 8 a.m. that something was wrong with the homepage.
The office initially described the problem publicly as technical difficulties. In a video statement posted later Tuesday, Miller said the website experienced “a temporary redirection issue caused by a third-party service provider” and said no personal or confidential information was compromised or at risk.
Miller’s Wednesday response gave a more specific account, saying “certain hyperlinks on the Clerk’s public website were redirecting users to an unauthorized third-party website.” She said the investigation determined the externally hosted public website “had been compromised.”
“As part of the remediation process, a malicious script associated with the incident was identified and removed,” Miller wrote. “The website was restored from a known-good backup, the website files were scanned, and the website was returned to service.”
Miller said the public website is architecturally separate from the clerk’s production systems and does not have backend connectivity, authentication credentials or privileged access to the clerk’s case-management, official records, financial or other production systems.
The office “has no evidence that the incident involved unauthorized access to the Clerk’s internal systems or the data maintained by those systems,” Miller wrote.
WPTV reported Tuesday that the clerk’s office communications team said the incident was not a hack because no personal information was compromised. Miller said Wednesday that the office’s initial public statements reflected the information available shortly after the incident was discovered.
“As the investigation progressed, additional facts were developed regarding the scope of the incident,” Miller wrote. “Our current understanding is based on the investigative work completed to date.”
Miller said the office is following cybersecurity incident reporting requirements and will make required notifications under Florida law. She declined to discuss specific technical details, citing cybersecurity risks and a Florida public records exemption for some cybersecurity information.
The incident resembles other recent public-sector website compromises in which officials reported public-facing website disruption but said sensitive data or core government systems were not affected. Palouse, Washington, restored its city website from a hosting provider backup after an April cyberattack, and Guam officials said in May that multiple government websites may have been affected by a cPanel vulnerability. St. Lucie officials have not linked their incident to either case.
No threat actor has been identified, and the office has not confirmed any ransomware, ransom demand or data theft.