Cyber Incident Victim: Lorain County
Date:
May 2025
Location:
United States of America
Summary
Lorain County experienced a cybersecurity incident that forced the temporary closure of several court-related services, including the Common Pleas Court, Domestic Relations and Juvenile divisions, and adult probation, while keeping essential operations such as 911, the sheriff’s office, children’s services, the coroner’s office, the board of developmental disabilities, Probate Court, the dog kennel, and many other departments online. The auditor’s office remained open but reported computer issues affecting its mapping services. Officials stated that critical services stayed available and that they are working with third‑party experts to restore the affected systems, noting that similar disruptions have occurred at other Ohio government bodies previously.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 1, 2025, the Lorain County Commissioners announced that they had become aware of a network security incident that disrupted some county systems. The announcement was made via a press release covered by Cleveland.com and also posted on the county’s official Facebook page. According to the announcement, impacted systems were taken offline out of an abundance of caution while the incident was under review. The commissioners stated that they were actively working with third‑party experts to assist in the investigation.
As a result of the incident, the Lorain County Court of Common Pleas General Division, the Domestic Relations and Juvenile Court Divisions, and the Adult Probation department were temporarily closed until the affected systems could be restored. Meanwhile, many other county services remained operational, including 911, the Sheriff’s Office, the Emergency Management Agency, the Probate Court, the Clerk of Courts, the Auditor’s Office, the Coroner’s Office, the Engineer’s Office, the Recorder’s Office, Children Services, the Board of Developmental Disabilities, the Children & Family First Council, the Mental Health Addiction & Recovery Services Board, the Planning Commission, the Port Authority, the Land Re‑utilization Corporation, the Records Commission, Community Development, the Convention & Visitors Bureau, the Dog Kennel, Job & Family Services, the Regional Airport, the Solid Waste Management District, and the Workforce Development Agency. The announcement noted that the Auditor’s Office continued to operate but experienced computer issues that interfered with its mapping services, and that hours for some agencies might be affected with limited notice. Messages on the websites of several agencies indicated that some services had been disrupted.
The commissioners said they would issue an update once the impacted departments were able to reopen and thanked the public for its patience and understanding while apologizing for the concern and inconvenience caused. They also noted that this incident marked the second time in 2025 that a major Northeast Ohio government had shuttered services following a cyberattack, referencing the earlier closure of Cleveland Municipal Court in February which had required assistance from the Ohio National Guard’s Cyber Reserve Force. Additionally, they recalled that a digital incident had affected Cleveland City Hall approximately one year prior, leading to a multi‑day office shutdown. No further technical details about the attack or its origin were provided in the announcements.