Cyber Incident Victim: United States of America
Date:
Jul 2024
Location:
United States of America
Summary
A cyberattack disrupted operations at the Jefferson County Clerk's office, forcing the closure of all branches due to system outages. The incident impacted critical services including vehicle registrations, professional licensing for marriages and notaries, voter registration processing, and housing deed recordings. While no data breach is currently suspected, officials are collaborating with forensic analysts and authorities to investigate the attack's origin and ensure system security before resuming operations. Limited services remain accessible through online portals for land record searches and voter registration updates via the state platform. Mail and document drop-off services continue but will not be processed until systems are restored.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 22, 2024, the Jefferson County Clerk’s Office in Louisville, Kentucky, experienced widespread system outages that forced the closure of all eight branch offices. Communications director Ashley Tinius confirmed the disruptions were caused by a cyberattack discovered during initial investigations. Authorities and a forensic analysis company were immediately engaged to determine the origin and scope of the breach. The attack disrupted core services including vehicle registrations, professional licensing for marriages and notary services, voter registration processing, and housing deed recordings. While online land record searches and voter registration updates through the Kentucky Voter Information Portal remained functional, physical office operations ceased entirely. The clerk’s office publicly stated no evidence of data compromise had been found but emphasized keeping branches closed until forensic verification of system security could be completed. Mail and document drop-off services continued accepting materials, though processing was suspended pending system restoration.
The incident created immediate operational paralysis, preventing residents from recording property deeds, obtaining marriage licenses, or completing vehicle-related transactions. Tinius acknowledged the attack particularly impacted professionals requiring notary licenses and couples planning weddings, while delayed deed recordings affected real estate transactions. Forensic teams focused on identifying entry points and attack vectors without publicly disclosing technical specifics. Office leadership adopted a deliberate containment strategy, refusing to reactivate systems despite service disruptions, prioritizing security validation over expedited reopening. No ransomware claims or threat actor attributions were reported during the initial response phase. The clerk’s office maintained public communication through Spectrum News 1 regarding service limitations but provided no estimated restoration timeline as investigations continued into late July.