Yuba County

Yuba County, located in the United States of America, was the target of a significant ransomware cyber-attack on February 18, 2021. This incident involved malicious software that encrypted portions of the county's computer systems, a common tactic used by threat actors to disrupt operations and extort payment. The attack directly impacted the county's operational technology infrastructure, causing disruptions to various public services and internal functions, though specific service interruptions were not detailed in public reports. The assailants demanded a financial ransom in exchange for decryption keys to restore the locked data and systems. This event represents a clear instance of a criminal cyber operation aimed at a local government entity, highlighting the persistent threat such organizations face from financially motivated hackers.

In response to the attack, Yuba County officials made a public decision to refuse the ransom demand, opting not to engage financially with the perpetrators. This stance aligns with cybersecurity best practices that discourage payment to avoid funding further criminal activity and provide no guarantee of data recovery. The county's leadership publicly confirmed the occurrence of the cyber incident and their choice to reject the extortion attempt. A key aspect of this breach was that, based on the information disclosed, there were no associated claims of data theft or leakage from the encrypted systems. The primary impact was operational disruption through encryption, rather than a data exfiltration event. The county's handling of the incident, including its public communication and refusal to pay, provides a documented case study in municipal cyber incident response.