
Cyber Incident Victim: Rock County Public Health Department

Date: Sep 2023

Location: United States of America

Summary

The Rock County Public Health Department suffered a ransomware attack by the Cuba gang, compromising systems and forcing operational disruptions as officials took affected systems offline. Personal identifiers, Social Security Numbers, financial documents, and tax information were accessed, impacting over 25,000 individuals, with identity theft protection services offered to victims. The Cuba group, linked by researchers to potential Russian state connections, claimed responsibility for the breach, which prompted collaboration with third-party specialists to restore services while minimizing public service interruptions.

Description

On September 29, 2023, Rock County, Wisconsin, discovered a ransomware attack affecting its Public Health Department’s computer systems, prompting immediate containment measures. The incident occurred between September 22 and September 30, 2023, with the county taking systems offline to prevent further compromise. County Administrator Josh Smith confirmed the attack disrupted operations but stated the public experienced minimal service interruptions during the initial response. Third-party specialists were engaged to investigate the breach, restore systems securely, and assess the scope of compromised data. The Cuba ransomware gang claimed responsibility for the attack on October 3, 2023, alleging theft of financial documents, tax information, and other unspecified data. The group, which researchers suspect has ties to Russian state-affiliated actors due to prior attacks on Ukrainian and Montenegrin government systems, had previously extorted $60 million from over 100 global organizations by November 2022 according to U.S. agencies.

The breach impacted 25,823 individuals, including one Maine resident, exposing names and Social Security Numbers. Rock County notified affected individuals via written communication on December 1, 2023, and offered 12 months of credit monitoring through IDX. The Public Health Department, serving approximately 160,000 residents across 25 municipalities, faced operational challenges due to systems remaining offline during recovery efforts. This incident followed multiple cyberattacks targeting Wisconsin municipalities, including a ransomware attack on a school district affecting 20,000 students in 2022 and a July 2023 LockBit ransomware attack that disabled Langlade County’s sheriff’s office and 911 systems. The county’s investigation continued to determine the full extent of data exfiltration while working to restore all affected systems.
