Cyber Incident Victim: Grayson County

On February 24, 2020, Grayson County, Texas, experienced a ransomware attack that disrupted government systems. The attack occurred in the early morning hours before employees arrived for work, rendering the county’s records management system inaccessible upon their arrival. Information Technology Director Ken Miller confirmed the outage, noting that critical operational systems were forced offline due to the incident. The ransomware’s encryption of systems prompted an immediate disruption to county services reliant on digital records and workflows. No specific details regarding the ransomware variant, initial attack vector, or ransom demands were disclosed in initial reports. The county did not publicly confirm whether data exfiltration occurred alongside the encryption activity.

The Texas state government initiated an investigation into the attack, though no collaborating agencies or investigative methodologies were specified. Grayson County’s operational continuity was impaired by the loss of access to its records management system, which typically supports administrative and potentially law enforcement functions. Restoration timelines and contingency measures remained undisclosed at the time of reporting. The incident underscored the vulnerability of local government infrastructure to disruptive cyber threats. Investigations into the attack’s origin and scope were ongoing as of February 24.