Cyber Incident Victim: Somerset County

Date: May 2022

Location: United States of America

Summary

A cybersecurity breach involving ransomware disrupted the county's email system, prompting the postponement of a scheduled Board of Commissioners meeting and impairing certain services reliant on internet access, such as the Clerk's office operations. While emergency communications and services remained functional, the incident necessitated activation of the Emergency Operations Center and Continuity of Operations Plan, with officials anticipating disruptions to persist for several days.

Description

On May 24, 2022, Somerset County experienced a cybersecurity breach involving ransomware that disrupted its email systems. The attack rendered the county email system inoperable, preventing personnel from receiving or responding to emails. Immediate operational impacts included the postponement of that evening’s Board of Commissioners meeting. County offices and phone lines remained operational during the incident, and emergency services—including 9-1-1 communications—were unaffected and fully functional. County Administrator Colleen Mahr confirmed the activation of the Emergency Operations Center and the Continuity of Operations of Government Plan in response to the breach. Officials anticipated the email disruption would persist at least through the remainder of the week, though most county functions continued normally outside the compromised systems.

By May 25, 2022, additional service limitations emerged as departments reliant on internet access became further affected. The Somerset County Clerk’s office reported an inability to provide most services requiring online connectivity, including mail-in ballot replacements, which necessitated alternative request methods via a designated phone line. The county issued public advisories recommending residents call ahead before visiting offices to confirm service availability during the outage. No further technical details regarding the ransomware variant, initial attack vector, or data compromise were disclosed in the available public updates. The incident remained under active management by county officials, with no restoration timeline or attribution information provided at the time of the last published update on May 25.
