Cyber Incident Victim: Morgan County 911
Date:
May 2025
Location:
United States of America
Summary
A cyber attack disrupted multiple systems in Morgan County, prompting officials to isolate the data connection to the 911 center to protect other networks while the issue is investigated. The Sheriff’s Office reported that the intrusion affected the inmate roster and warrants list, leading authorities to post daily arrest notices manually until the roster is restored. IT staff disconnected the link to prevent further spread and are working to restore full functionality.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Wednesday, May 14, 2025, Morgan County 911, a separate agency, experienced a cyber attack. The attack caused multiple systems in Morgan County to go down for several days. In response, Morgan County IT disconnected the data connection to Morgan County 911 to protect other systems while the issue was being identified and fixed. The Sheriff’s Office reported that the disrupted data connection impacted the Inmate Roster and the Warrants List. Officials stated that they would continue to post daily arrest information each morning until the inmate roster was restored and functioning.
The disconnection of the data connection meant that personnel could not access the Inmate Roster or Warrants List through the usual channels. As a result, the county adopted a temporary manual process of publishing arrest details each morning to maintain public awareness. The cyber attack left multiple systems unavailable for an extended period, prompting ongoing efforts to identify the source and remediate the vulnerability. Morgan County IT continued to work on restoring the connection and securing the network. The situation remained under active investigation as of the date of the report.