Minnesota county service clients' sensitive information compromised in ransomware attack

A Minnesota county network was subjected to a ransomware attack that my have compromised county service clients' Social Security numbers, insurance information and other sensitive data, Clay County explained on its website Friday.

The county determined there had been a ransomware attack on its electronic document management system, also used by other Minnesota counties, on Oct. 27.

"Through the investigation, Clay County determined that there was unauthorized access to its network between October 23, 2023 and October 26, 2023," Clay County's announcement said. "As Clay County continued its investigation, it later learned that cyber criminals responsible for this attack took some data from Clay County's network."

The county said it worked with local IT and a digital forensics firm to assist in investigating the information. The county said it's not aware of any misuse of information related to the incident, though it said names, Social Security numbers, addresses, dates of birth, county service information and insurance information of clients and their household members may have been affected.

Clay County mailed notices to people whose data is involved in the incident in December and on Friday in cases where the county had contact information. Those concerned they might be affected can call (800) 459-5922 and provide the engagement number B114604.

Clay County said it has increased security in response to the incident. It recommends people who were potentially affected keep an eye on account statements, credit reports and insurance communications, as well as report any suspected fraud to authorities.

More information about the incident and precautionary steps for those affected can be found at Clay County's website.