Cyber Incident Victim: Bingham County
Date: Feb 2017
Location: United States of America
Summary
A ransomware attack compromised Bingham County's servers, encrypting data and rendering systems inaccessible, with hackers demanding $25,000-$30,000 in untraceable payments for decryption. The county refused payment and switched to backup servers, but the malware later infected at least one backup, forcing full system outages. Critical services were disrupted: emergency dispatch lost call logging and computer-aided systems, requiring manual use of physical maps, cell phones, and external assistance, while all departments resorted to handwritten documentation. Recovery efforts focused on rebuilding infrastructure from unaffected backups, with insurance covering costs above a $1,000 deductible, though total cleanup expenses remained unclear. Officials cited existing firewalls but planned enhanced security measures and staff training to prevent recurrence.
Description
On February 15, 2017, Bingham County officials discovered a ransomware attack that had compromised county servers, rendering computer systems inaccessible across all departments. The malware encrypted critical data, and the unidentified hackers demanded a ransom of $25,000 to $30,000 payable via Bitcoin or Western Union, payment methods chosen because they are difficult to trace. County Commissioner Whitney Manwaring confirmed the immediate decision against paying the ransom, with IT staff switching operations to backup servers on the same day. Initial containment efforts failed when the ransomware reappeared on at least one backup server by 4:00 a.m. on February 17, forcing a complete countywide system shutdown. This secondary infection exacerbated disruptions, requiring handwritten documentation in departments and crippling communications infrastructure, including phone systems.

The attack severely impacted emergency services, as the county dispatch center lost computer-aided logging of 911 calls and radio transmissions. Dispatchers resorted to physical maps, personal cell phones, and temporary support from Boise-based dispatch systems to coordinate emergency responses. Thousands of radio communications and hundreds of police reports required manual reentry once systems resumed. Although the county website went offline and all departments faced operational delays, officials confirmed no permanent data loss due to existing backups. Recovery efforts focused on rebuilding infrastructure with assistance from Idaho Counties Risk Management, which covered incident costs beyond a $1,000 deductible. IT personnel worked to purge the ransomware while planning enhanced firewall protections and staff training to prevent future breaches, aiming to restore full functionality by the weekend following the attack.
