Mower County warns residents after ransomware attack

Mower County, Minnesota, suffered a ransomware attack on June 18, 2025, that disrupted its computer network and impacted sensitive data.

What happened 

County Administrator Matthew Verdick confirmed the incident and explained that the county immediately launched an investigation with cybersecurity and data forensics experts to secure the network and assess the breach. 

The county also notified federal law enforcement about the attack. Investigators determined that the cybercriminals stole certain data, including protected health information (PHI) of individuals who received or are currently receiving services from the Mower County Health and Human Services Department. 

On August 18, 2025, the county announced via its official website that individuals whose information may have been affected would be notified while the data review continues. Once the review is complete, written notifications and complimentary credit monitoring services will be offered to affected residents.

When should federal law enforcement be notified of a breach?

Federal law enforcement should be notified immediately upon reasonably determining a breach, unless a law enforcement agency itself issues a written request delaying notification, in which case notification to individuals must happen within 30 days of that request. 

If law enforcement agencies such as the FBI or Secret Service determine that notifying individuals could impede criminal investigations or risk national security, they may issue a written request to delay notification to individuals.

What was said 

According to an article on the breach, published in Govtech, the organization stated,“The privacy and security of the information we maintain is very important to us, and we remain committed to doing everything we can to maintain the confidentiality of such information. The County will continue to invest in the internal processes, tools, and resources to reduce the likelihood of future security incidents.” 

See also: HIPAA Compliant Email: The Definitive Guide (2025 Update)

FAQs

What is a data breach?

A data breach happens when unauthorized individuals gain access to sensitive or confidential information.

What causes most data breaches?

Common causes include phishing attacks, ransomware, weak passwords, unpatched software vulnerabilities, insider threats, or misconfigured systems.

Are organizations required to offer credit monitoring?

Many organizations offer free credit monitoring after a breach, especially if Social Security numbers or financial information were involved. While not always legally required, it is a common industry practice.