Oldsmar, a Florida city of around 13,000 people in the Tampa Bay area, was just recently attack through its water supply on February 5, 2021. Through the supply system’s computer, the hacker tried to increase the levels of lye in the city’s water, officials said, putting thousands at risk of being poisoned.

“This is obviously a significant and potentially dangerous increase,” Pinellas County Sheriff Bob Gualtieri said. “Sodium hydroxide, also known as lye, is the main ingredient in liquid drain cleaners.”

If ingested in large amounts, sodium hydroxide can cause vomiting as well as chest and abdominal pain, according to the Centers for Disease Control.

Gualtieri said that on Friday at 8 a.m. a plant operator at the Oldmar water treatment facility noticed someone remotely accessing the system that he was monitoring. The system was deliberately set up with a piece of remote access software so that “authorized users could troubleshoot system problems from other locations,” Gualtieri added.

That instance of remote access was brief, but then it happened again at 1:30 p.m., and the hacker changed the sodium hydroxide levels. Fortunately, the operator immediately reduced the levels back to what was safe. At no time was there a significant adverse effect to the city’s water supply; the public was never in danger, Gualtieri said. It is unknown if the breach happened from someone locally, nationally, or even outside of the United States.

This scenario has long been feared by cybersecurity experts. Across the nation, water plant operators have accelerated the transformation to digital systems so they can work from remote work stations. Experts have warned that the same remote access can be exploited by hackers looking to exact harm.