A ransomware attack hit the DeKalb County Sheriff’s Department and jail in Smithville, Tennessee, disrupting email and inmate booking systems after staff saw the booking program stop during an intake, officials said.
Sheriff Patrick Ray said correctional officers noticed the problem early Friday morning when the jail’s booking program suddenly stopped.
Ray said the sheriff’s office’s main server, which he said controls department email and booking software “among other things,” was affected. He did not say what other systems were affected or how long email service would be disrupted.
Ray said the sheriff’s office worked with its inmate booking vendor and retrieved booking data Friday evening. He said a third-party firm will evaluate what happened and attempt additional data recovery as the investigation continues.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
“We have reported the external intrusion incident to the FBI and Tennessee Bureau of Investigation who are actively assisting us,” Ray said in a prepared statement published by WJLE Radio.
Ray said at least one other Tennessee sheriff’s department and jail has been targeted in similar incidents, but he did not identify the agency. He suggested the attack could be linked to foreign cyber activity, a claim that has not been independently verified.
The sheriff’s office has not said who was responsible for the attack, and there have been no public claims of responsibility. The office did not respond to an email seeking comment from DysruptionHub.
The DeKalb County incident follows other cyber-related disruptions involving Tennessee government agencies. La Vergne officials said a “network incident” detected Oct. 17, 2025, led the city to take systems offline while the FBI and the Tennessee Bureau of Investigation assisted, though public safety and water services remained operational. The Hamilton County Sheriff’s Office said an April 2025 ransomware event forced the agency to shut down online services during restoration work with outside specialists.
DeKalb County, home to about 20,000 residents, is in Middle Tennessee on the eastern edge of the Nashville area.
Officials said federal and state investigators are involved and a third-party firm will assess the breach and data recovery options. Ray did not say whether data was stolen or whether a ransom demand was made.
