Cyber Incident Victim: Adams County, Wisconsin
Date:
Jan 2013
Location:
United States of America
Summary
A significant data breach in Adams County, Wisconsin, exposed sensitive information of over 258,000 individuals through unauthorized access to the county's computer systems spanning approximately six years. The compromised data included personal identification, health, and tax intercept details from six departments, accessed by manipulating software controls to escalate user privileges beyond authorized roles. Suspects, identified during the investigation, had their system access revoked and accounts suspended, with security measures centralized under restricted oversight. Reports indicated a county clerk used a keylogger to infiltrate other computers, though no arrests or charges were filed. Remedial actions included disabling compromised software controls and limiting network access to prevent further exploitation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The Adams County, Wisconsin data breach exposed sensitive information belonging to 258,120 individuals over a six-year period from January 2013 through March 2018. County officials discovered unauthorized access to their computer systems on March 28, 2018, prompting an investigation that culminated in a forensic report delivered on June 29, 2018. The compromised data included Personal Identification Information (PII), Personal Health Information (PHI), and Tax Intercept Information (TII) from six county departments: Veteran Service Office, County Employees, Extension Office, Solid Waste, Child Support, Health and Human Services, and Sheriff’s Office. Investigators determined attackers manipulated software programs to obtain unauthorized credentials that granted them access beyond their departmental privileges, enabling systemic data exfiltration across multiple agencies.
County officials suspended all identified suspect accounts and restricted network access following the breach discovery. Forensic evidence indicated the perpetrators used compromised usernames and passwords to escalate privileges within the network architecture. Media reports revealed authorities executed a search warrant to seize the laptop of County Clerk Cindy Phillippi, whom investigators suspected of deploying keyloggers to harvest credentials from other systems. The county implemented centralized access controls under a single designated administrator, disabled manipulated software components, and revoked all unauthorized entry points. No arrests or criminal charges had been filed as of the August 2018 disclosure, though the suspects permanently lost system access. Impacted individuals received formal notification through mailed letters detailing the exposure of their sensitive records spanning health, financial, and identity documentation.