Cyber Incident Victim: Colorado State Government
Date:
Jul 2024
Location:
United States of America
Summary
A cyberattack disrupted operations at the Jefferson County Clerk's office, forcing the closure of all branches and halting services including vehicle registrations, professional licensing for marriages and notaries, voter registration updates, and housing deed processing. The office engaged forensic analysts and authorities to investigate the incident, emphasizing no evidence of data breach had been found. While online land record searches and voter registration changes through a state portal remained accessible, other services like deed recordings and license issuances were delayed indefinitely. Mail and drop-off submissions were accepted but could not be processed until systems were restored, with officials prioritizing security before reopening.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 22, 2024, the Jefferson County Clerk’s Office in Louisville, Kentucky, experienced widespread system outages affecting all eight of its branches, forcing an immediate shutdown of operations. Communications director Ashley Tinius confirmed the disruptions resulted from a cyberattack discovered during initial investigations, prompting coordination with forensic analysts and law enforcement agencies. The attack disrupted core services including vehicle registrations, professional licensing for marriages and notaries, voter registration processing, and housing deed recordings. While the office stated no evidence indicated data breaches, it prioritized system security over service restoration, declining to reopen branches until forensic reviews ensured safety. The closure stranded customers seeking time-sensitive transactions like real estate closings and marriage licenses, though online public land record searches and Kentucky’s Voter Information Portal remained accessible for existing registrations.
The incident created operational paralysis for document processing, with mailed or dropped-off materials accumulating unprocessed until systems resume. Tinius emphasized the office’s caution, acknowledging the attack’s disproportionate impact on professionals requiring immediate licensing and property buyers awaiting deed recordings. Limited workarounds existed for historical records or voter registration updates via external portals, but no alternatives addressed transactional services like new licenses or real-time deed filings. Forensic analysis and remediation efforts continued without a specified reopening timeline, reflecting the office’s commitment to verifying system integrity before restoring operations. The disruption highlighted dependencies on digital infrastructure for local government services, particularly in property, legal, and electoral administration.