A phishing attack on Nacogdoches County, Texas, disrupted online pay-stub access and coincided with limited public access to some sheriff’s office information online, county officials said.
Nacogdoches County Judge Chris Bentley told The Daily Sentinel that the May 28 incident affected “a limited number of former sheriff’s office employees,” who are being contacted directly and offered free credit monitoring. The county has not said whether data was accessed or taken.
Nacogdoches County, in eastern Texas, provides local government, law enforcement, court and public records services for more than 66,000 residents.
Bentley said the incident was contained and did not affect residents doing business on the county website or current county employees. He said sheriff’s office operations, emergency services, county finances and county services remained operational.
But the county’s description also shows disruption in normal administrative and public-information systems. Bentley said employees were receiving paper pay stubs because online pay-stub access was unavailable.
“Nothing has affected pay at all,” Bentley told the newspaper. “What’s happened with pay is we are doing paper pay stubs.”
The incident also accelerated a previously planned move from the county’s former website, www.co.nacogdoches.tx.us, to nacogdochesco.gov, Bentley told the newspaper. The sheriff’s office also had used a separate website, nac-sheriff.com, but sheriff’s office information is now being folded into the county’s new site.
The federal registrar for .gov domains says they are available only to verified U.S.-based government organizations.
Public access to some sheriff’s office information was limited during that transition. The sheriff’s office said June 10 that its page on the new county website was still being built and that residents checking the daily jail roster would have to rely on booking summaries and daily activity reports until the page was completed.

The new county site says the county is “moving to a new website” and links users to sheriff’s daily reports, election results and a public information request form. It now shows static sheriff’s office reports, including booking summaries, daily activity logs and an inmate list, posted as individual links.
The county has not explained how a phishing attack involving former sheriff’s office employee information was connected to unavailable online pay-stub access, an accelerated website migration and a public website that remained incomplete weeks later. Officials have said core services continued, but they have not said whether the attack directly affected the public website, payroll system or sheriff’s office website tools.
DysruptionHub emailed Bentley seeking clarification on whether the phishing attack directly affected payroll, website or sheriff’s office systems, which systems were taken offline or rebuilt, and whether any data was accessed or taken. The county did not respond before publication.
Bentley told The Daily Sentinel the attack has elevated information technology upgrades as commissioners enter budget discussions this summer. He said officials may explore grants or remaining federal pandemic relief funds to pay for technology improvements.
The Nacogdoches County incident resembles other 2025 Texas county cyberattacks in which officials said emergency services continued operating while administrative systems were disrupted.
Matagorda County declared a disaster in January after a breach affected internal systems, disrupted some operations and forced residents to use drop boxes or mailed checks for tax payments.
Kaufman County officials said an October security incident disrupted courthouse computer systems and employee files, while the sheriff’s department and emergency services continued operating normally.
No hacking group has publicly claimed responsibility for the county attack in public leak-site postings reviewed by DysruptionHub. The county has not reported a ransom demand.