Cyber Incident Victim: Summit County Fair

In late August 2014, Summit County, Utah, officials disclosed a security breach affecting financial transactions tied to the county fair's rodeo and demolition derby events. The breach came to light on Sunday, August 24, when multiple county employees and community members reported unauthorized charges on their bank accounts following ticket purchases for these events. Summit County spokeswoman Julie Booth confirmed the incident stemmed from a compromise at a third-party vendor responsible for processing online ticket sales. While the fair itself occurred earlier that month, the breach specifically impacted digital transactions processed through this external payment system. Officials initiated an investigation upon receiving the fraud reports but had not yet identified the exact intrusion method or timeline of the compromise at the time of public disclosure on August 28.

The incident exposed payment card data from 951 separate transactions processed through the vendor's platform, though authorities couldn't immediately determine how many unique customers were affected due to potential repeat purchases. No other county systems or in-person fair transactions were implicated in the breach. Affected individuals faced direct financial consequences through fraudulent charges, prompting Summit County to coordinate with banking institutions regarding the suspicious activity. The county did not specify whether forensic investigators had identified the attackers or their motives, nor did they disclose the vendor's name or remediation steps taken. Public notification occurred four days after initial detection, with officials directing impacted parties to monitor bank statements and contact financial institutions. Further details about the investigation were referenced in coverage by the Deseret News, though specific findings weren't included in the initial disclosure.