Greene County, Georgia, took its government network offline after discovering a cybersecurity incident July 9, disrupting payment processing and services across tax, court and administrative offices.
The county said its contracted technology provider disconnected the servers to contain the incident and limit potential damage. Cybersecurity specialists are rebuilding the systems.
Public notices described a complete county network outage affecting the courthouse, commissioners’ offices, tax commissioner’s office, tax assessor’s office, building and zoning, elections, public works, recreation, public safety administration and the senior center.

The outage prevented county offices from accepting payments and processing some public requests. The tax commissioner’s office said the county’s property tax system was unavailable, preventing employees from processing payments in person.
Greene County’s main website remained online and displayed the county’s cybersecurity notice. The tax commissioner’s website also remained accessible, but a banner said online tax payments were unavailable.
The county said its 911 communications system and the Greene County Sheriff’s Office were not affected and remained fully operational.
Officials notified law enforcement after discovering the incident. The investigation remained active.
Georgia requires counties and other local government entities to contact their local emergency management agency within an hour of recognizing a cyber incident. State guidance recommends isolating affected systems, preserving logs and evidence, and notifying technology and security personnel.
The county said investigators had found no evidence that information was accessed or removed from its systems.
Greene County has about 21,000 residents and is centered in Greensboro, roughly 75 miles east of Atlanta.
The disruption follows ransomware attacks on two other Georgia county governments. Murray County paid $200,000 after a May attack disrupted county offices. Cobb County confirmed a March 2025 ransomware attack that was later claimed by the Qilin ransomware group, though county officials did not verify the group’s identity. Officials have not linked either attack to the Greene County incident.
Officials have not said how the incident began, what kind of cyber activity occurred, whether files were encrypted or which systems were directly affected.
They also have not identified a threat actor, said whether a ransom demand was made, named the investigating agencies, detailed which online services remain available or provided a timeline for restoring payments and other county functions.
The county did not respond to a request for comment by publication time.