Cyber Incident Victim: Gloucester County

OnApril 18, 2025, Gloucester County, Virginia experienced an external system breach resulting from hacking activity. The breach was discovered by the county on April 22, 2025. The incident was reported to the Maine Attorney General’s office as part of its data breach notification requirements. Gloucester County is located at 6489 Main Street, Gloucester, VA 23061.

The breach affected a total of 3,527 individuals, of whom one was a resident of Maine. The compromised information included a name or other personal identifier in combination with additional data elements, though the specific data elements are not detailed in the notification. As a government entity, Gloucester County’s external system was the point of entry for the attackers.

Written notification to affected individuals was issued on July 2, 2025. As part of the response, Gloucester County offered identity theft protection services for a duration of twenty‑four months through Experian IdentityWorks, which provides credit monitoring, identity restoration, and identity theft insurance. The notification and related inquiries were handled by outside cyber counsel Phillip Harmon, an associate at Woods Rogers, reachable at (540) 983‑7784 or [email protected].