Skip to content

Pennington County, South Dakota, closes offices during cybersecurity response

The county said 911 dispatch, jail operations, courts, early voting and other critical services remain operational while it assesses a network incident.

Exterior of the Pennington County Administration building, with glass doors and a sign reading “Pennington County Administration.”
The Pennington County Administration building in Rapid City, South Dakota. County officials said most public-facing offices would close Monday while they respond to a cybersecurity incident affecting parts of the county network. (Pennington County)

Pennington County, South Dakota, said most public-facing county offices will close Monday while officials respond to a cybersecurity incident affecting parts of its network.

The county said it is still determining the scope of the incident and working to restore systems safely, according to a release from the Pennington County State’s Attorney’s Office. Pennington County, anchored by Rapid City in western South Dakota, provides county government, courts, elections, jail and public safety services for one of the state’s largest population centers.

Critical life safety services remain operational, including 911 dispatch, the Pennington County Jail, the Juvenile Services Center, the Care Campus and other public safety operations, the county said.

Screenshot of a Pennington County State’s Attorney’s Office Facebook post announcing a cybersecurity incident and Monday closures for most public-facing county offices.
A Pennington County State’s Attorney’s Office Facebook post says most public-facing county offices will close Monday while officials respond to a cybersecurity incident affecting parts of the county network. (Screenshot/Pennington County State’s Attorney’s Office via Facebook)

Court operations, the county’s 24/7 Program, early voting and online or kiosk vehicle registration also remain available, the county said. Most other public-facing offices were set to close Monday.

The county said it is working with the South Dakota National Guard Cyber Incident Response Team, the South Dakota Fusion Center, the Cybersecurity and Infrastructure Security Agency and other partners as the investigation continues.

Officials have not confirmed an attack type, data theft, a ransom demand or a threat actor. The county has described the matter only as a cybersecurity incident affecting portions of its network.

Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.

Tip us

Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.

Become a Supporter

“Because this is an active investigation, there is very limited verified information available at this time,” the county said in the release.

National Guard cyber teams have increasingly been called to help state and local entities respond to serious network disruptions. In May, Winona County, Minnesota, said it was working with the Minnesota National Guard after a cyberattack disrupted county systems. St. Paul also sought Minnesota National Guard help during a 2025 cyberattack that affected city technology systems.

Officials have not said whether the incident involved ransomware, malware or unauthorized access, or whether any county data was accessed or taken. No public claims of responsibility were located by publication time. DysruptionHub had not received a response to questions sent to the county’s public information officer by publication time.

Attribution note: DysruptionHub credits upstream reporting and primary sources—see citations above. If this report informed your coverage, please cite DysruptionHub with a link.
DysruptionHub Staff

DysruptionHub Staff

A collaborative project to bring you the latest cyberattacks impacting the availability of services and goods in the United States.

All articles

More in Government

See all

More from DysruptionHub Staff

See all