Cyber Incident Victim: Chippewa County
Date: Feb 2023
Location: United States of America
Summary
An employee laptop at Chippewa County's Human Resources Division was compromised via unauthorized remote access software, resulting in the theft of 25-35MB of data containing protected health information. The breach occurred after suspected phishing activity, with unauthorized access lasting approximately five minutes before detection and mitigation by IT staff. Exfiltrated files included individuals' names, medical history numbers, prescription details, and prescribing physicians' initials, impacting 842 people. Forensic analysis confirmed the incident was isolated to a single device. Additionally, a separate cyberattack affected a dental practice, exposing personal and insurance data of over 1,500 patients, while an unrelated email error at a hospital inadvertently disclosed patient surgery associations.
Description
On February 28, 2023, an unauthorized remote access application was downloaded onto an employee’s laptop computer at the Chippewa County Human Resources Division in Wisconsin. An unknown individual subsequently used this application to access the device on March 1, 2023, prompting the employee to alert the IT department after noticing the intrusion. The IT team successfully blocked further access within approximately five minutes, though during this brief period, 25-35MB of data had been exfiltrated. An investigation determined that the incident was confined to this single device, with no indication of broader network compromise. The review of exfiltrated data confirmed that seven files contained protected health information (PHI), including patient names, medical history numbers, prescription details, prescription dates, and the prescribing doctors’ initials. County officials reported the breach to the Department of Health and Human Services Office for Civil Rights as impacting 842 individuals. While the precise method of the remote access application’s installation was unresolved, preliminary analysis suggested a potential drive-by download via a phishing email link, a malicious website, or a pop-up advertisement inadvertently triggered by the employee.

The breach timeline indicated the attacker's access occurred over a short, defined window, allowing limited but confirmed data theft. Forensic examinations verified the scope of compromised files and the absence of additional system infiltration beyond the targeted laptop. No evidence was presented regarding subsequent misuse of the stolen PHI. Chippewa County authorities did not disclose specific remediation actions beyond the immediate termination of unauthorized access, nor did they outline notifications to affected individuals beyond the mandatory reporting to federal regulators. The county’s statement focused on the singular device compromise, the nature of the exposed PHI, and the procedural response to halt the attack.
