Cyber Incident Victim: Shelby County

Date: Mar 2023

Location: United States of America

Summary

A cyber attack targeted Shelby County's government IT network when overseas actors exploited a vulnerability in commercial software. The county's network administrator detected and halted the intrusion, restored operations from existing backups, and initiated an investigation. While the attackers attempted to control a large dataset, analysis indicated that data was unlikely to have been exfiltrated, given the brief access duration, network transfer speeds, and traffic constraints. No ransom demands were made, and investigators found no conclusive evidence of data compromise. The county implemented security enhancements, including vulnerability patching and improved monitoring for unauthorized access, and notified state and federal cybersecurity authorities as a precautionary measure.

Description

On March 2, 2023, Shelby County government experienced a cyber attack when an overseas third party exploited a vulnerability in a commercial software system to attempt unauthorized access to the county’s IT network. The breach was detected and stopped by the county’s network administrator, who immediately initiated a review of the incident and its potential impacts. According to Commissioner Jason Abel, the attackers attempted to control a large volume of data simultaneously but were hindered by the brief duration of their access, the network’s transfer speed limitations, the size of the targeted dataset, and prevailing network traffic conditions. This combination of factors made it unlikely that any data was successfully transferred to the unauthorized party. The county’s IT infrastructure supports operations across multiple departments, raising concerns about systemic impacts, though no evidence confirmed data exfiltration.

Following containment, the network administrator restored normal operations using regularly maintained data backups designed to protect against ransomware attacks. Proactive measures included patching the exploited vulnerability and deploying additional software to monitor and track future unauthorized access attempts. The attackers did not communicate with the county or issue ransom demands. As a precaution, Shelby County reported the incident to state and federal cybersecurity agencies through both the county IT administrator and the Shelby County Sheriff’s Department. The FBI, while not confirming or denying an investigation, emphasizes rapid reporting to disrupt criminal financial flows and infrastructure. County officials maintained transparency throughout the response, underscoring the broader challenges of prosecuting cybercriminals who reinvest illicit gains into expanding their operational capabilities. The incident highlighted the pervasive risk of opportunistic cyber threats targeting organizations of all sizes.
