Hacked

County offices recovering from hacker attack

Mitchell County administration is recovering from an attack by unknown cyber criminals, in which some personal information of county residents was compromised.

In a release just before Christmas, county officials said that “the county determined that there was unauthorized access to the county network between Oct. 16, 2025 and Oct. 20, 2025.  During that time, the cyber criminals took certain county data from its network, which included protected health information. The affected information relates to individuals who received or are receiving services from the county Department of Social Services.”

County officials noticed ransomware on their computer network on Oct. 20. They reported the incident to federal law enforcement and began working with third-party consultants, the North Carolina Joint Cybersecurity Task Force and other agencies to investigate the incident.

For individuals who fear their personal information may have been involved in this data breach, the county has posted guidelines on how to deal with the possibility of identity theft and other information security concerns: https://www.mitchellcountync.gov/notice-of-data-security-incident/

In response to follow-up questions about whether or not any foster-care children or other minors might have had their Social Security numbers compromised in this attack, County Manager Allen Cook said that the investigation is ongoing and that he has been advised not to say anything other than what is in the official release.

According to the county release, the administration is working to monitor its systems and network access, as well as strengthening its network against future incidents.

Social Services clients and anyone else who might be affected are recommended to monitor their account statements, free credit reports, and health insurance forms, keeping an eye out for unauthorized or suspicious activity.

“The privacy and security of the information we maintain is very important to us, and we remain committed to doing everything we can to maintain the confidentiality of such information,” Cook said in the release. “The county will continue to invest in the internal processes, tools, and resources to reduce the likelihood of future security incidents.”