Cyber Incident Victim: Lake County
Date: Aug 2019
Location: United States of America
Summary
A ransomware attack targeted Lake County government systems, prompting an emergency shutdown of email services and multiple internal applications. The county's IT department responded by working through the weekend to purge affected systems, installing cybersecurity software across 3,000 employee laptops and remediating 40 compromised servers to restore operations.
Description
On August 23, 2019, Lake County government systems experienced a ransomware attack that prompted an emergency shutdown of critical IT infrastructure. The attack disrupted email services and multiple internal applications used across county operations, forcing officials to publicly acknowledge the incident on August 24. County IT personnel immediately initiated containment measures by powering down affected systems to prevent further spread of the ransomware. The incident required extensive remediation efforts, with technicians working through the weekend to isolate and purge compromised components. No operational timelines for full restoration were provided in initial reports, though the disruption impacted routine government functions during the outage period.

The county's Information Technology Office, directed by Mark Pearman, focused on deploying cybersecurity software across approximately 3,000 employee laptops as a primary recovery measure. Concurrently, technicians addressed ransomware removal and system hardening on 40 county servers that sustained infections. These remediation activities were still underway as of August 22, indicating the attack preceded the public disclosure by at least one day. The response prioritized securing endpoint devices before reactivating network services, reflecting a phased containment strategy. No ransomware variant or specific attacker details were disclosed in available reports. The incident required sustained technical intervention across multiple days to restore core systems while maintaining emergency service capabilities throughout the recovery window.
