Kittson County, Minnesota, driver’s license and motor vehicle services remain limited after a reported cyber incident involving the county’s emergency service network prompted a state access block.
The disruption affects residents seeking driver’s license and motor vehicle services, though county officials said emergency services remain operational. Kittson County is a far northwestern Minnesota county whose seat is Hallock.
Kittson County first told residents June 4 that its DMV was temporarily closed until further notice and advised people to call before coming in, according to a county Facebook post.
In a June 11 memo, county administrator Aimee Sugden said the county had reported “a cyber incident involving our emergency service network” to Minnesota IT Services, the state’s central IT agency. The agency, known as MNIT, then blocked the county’s access to state Department of Motor Vehicle services as a precaution, making full DMV services temporarily unavailable, according to the memo.
County officials did not describe the DMV network as compromised. The county said the emergency service network was not connected to the county’s DMV network and remained operational for residents.
Kittson County’s driver’s license and motor vehicle office handles license services, registrations, title transfers and vehicle tabs, according to the county website. During the disruption, the office remains open and can accept payments for tabs to be mailed later, as well as Department of Natural Resources license transactions, but county officials said there was no estimated timeline for full DMV service restoration.
MNIT says Minnesota amended state law in 2024 to require MNIT and the Bureau of Criminal Apprehension to establish a cybersecurity incident reporting system for public agencies, government contractors and private entities. Public entities covered by the law were required to begin reporting cybersecurity incidents Dec. 1, 2024.
A DysruptionHub review of the NightSpire leak site found an obfuscated listing dated May 29 that appears consistent with “Kittson County, Minnesota.” The listing showed “K****** County, Mi**e**ta,” said data was not available and displayed a countdown timer consistent with a possible data release at about 7 p.m. Central time Tuesday, June 16. The listing reflects the group’s claim, not confirmation from the county. Kittson County has not publicly confirmed ransomware, data theft, a ransom demand or a threat actor, and DysruptionHub could not independently verify that the listing is connected to the county’s reported cyber incident.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
The county’s public memo did not say when the cyber incident began, what systems were affected, whether any county data was accessed, whether law enforcement was notified or whether the reported incident affected 911, dispatch or sheriff’s office systems beyond the emergency-services network described in the memo. Kittson County did not respond to a request for comment by the time of publication.
The Kittson County disruption follows other Minnesota county cyber incidents. Winona County reported ransomware incidents in January and April, with the April attack leaving DMV and vital records services offline while 911 remained operational. Mower County said a June 2025 ransomware attack exposed some Health and Human Services data.
Kittson County said updates would be provided as additional information becomes available and told residents to check the county website or call the office with questions.
