Mitchell County, North Carolina, says an October ransomware attack led to unauthorized access and theft of Department of Social Services health data; the county also reported phone and email outages during that period, calling them technical issues.
The county said it detected ransomware on its computer network Oct. 20 and brought in outside cybersecurity and data forensics consultants. Officials said they reported the incident to federal law enforcement and worked with the North Carolina Joint Cybersecurity Task Force and other state resources.
In late October, the county posted public service alerts about repeated system outages, describing the problems as technical issues without mentioning a cyberattack. In a notice posted Dec. 19, the county said the disruptions stemmed from ransomware and that attackers stole data that included protected health information. The county did not respond to emailed questions about the outages, whether a ransom demand was made, or how many people may be affected.
North Carolina’s Joint Cybersecurity Task Force, which includes state IT and law enforcement partners along with the North Carolina National Guard’s cyber response force, coordinates incident-response support for state and local governments during major cyber events.
As part of its investigation, the county said it determined there was unauthorized access to its network between Oct. 16 and Oct. 20. During that window, the county said attackers took certain data, including protected health information connected to people receiving services through the Department of Social Services.
County officials said they are reviewing what information was involved, who may have been affected and where those individuals live so written notices can be sent. The county said it plans to offer free credit monitoring where appropriate and has notified the U.S. Department of Health and Human Services.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
During the outage period, officials said county computer and phone systems were taken offline multiple times, limiting email access and leaving many telephone calls unavailable, while offices remained open and staffed.
The county said it has taken and plans additional steps to strengthen security, including upgrades to its email platform, enhanced detection software, and tighter password policies and access restrictions. It said it continues to monitor systems, data and network access.
Mitchell County is a rural mountain county in western North Carolina with about 14,903 residents; county offices are based in Bakersville. The county was among western North Carolina communities affected by Hurricane Helene in 2024.
Cyber disruptions have also hit other North Carolina local governments in recent years. Winston-Salem reported a “cyber event” in late 2024 that disabled some systems and forced the city to suspend online payment functions. Thomasville disclosed a 2025 incident affecting municipal systems and later said it was rebuilding parts of its network. Waxhaw reported a 2025 cyberattack that disrupted town systems, while Catawba County’s government website was offline for days in 2025 before being restored, and officials did not immediately provide a cause.
