The investigation revealed cyber criminals accessed the network from May 6, 2025, through May 18, 2025, and took some county data.
COLUMBUS, Ohio — Union County notified residents Wednesday about a cyber incident that involved a breach of protected personal information.
On May 18, 2025, the county detected ransomware on its computer network, immediately launching an investigation with assistance from third-party cybersecurity and data forensics consultants, the notice says. Federal law enforcement was also alerted as the county worked to secure the network.
The county said it conducted a review of the impacted data to determine what information was involved and who may have been affected. The review was completed on Aug. 25, and the county began locating mailing addresses and sending written notices to affected individuals.
The investigation revealed cyber criminals accessed the network from May 6, 2025, through May 18, 2025, and took some county data, including:
- Names
- Social Security numbers
- Driver’s license/state identification card numbers
- Financial account information
- Dates of birth
- Fingerprint information
- Medical information
- Payment card information
- Passport numbers
Due to the cyberattack, the county said it has implemented security measures to help prevent similar incidents in the future, including deploying security tools, using end point detection tools to actively monitor the network and conducting an enterprise-wide password reset.
“We also are monitoring internet sources and have found no indication that any personal information that we maintain has been released or offered for sale as a result of this incident,” the county said in the notice. “Additionally, the County will notify all appropriate state regulators regarding this incident.”
How to protect yourself
The county recommends the following preventative measures to help detect and mitigate any misuse of personal information:
- Remain alert for incidents of fraud and identity theft by regularly reviewing any account statements and free credit reports for unauthorized or suspicious activity by visiting www.AnnualCreditReport.com or by calling 877-322-8228.
- Report any incidents of suspected identity theft to your local law enforcement, state Attorney General and the major credit bureaus.
- Place a fraud alert on your credit report. The first one is free and will stay on your credit file for one year.
- Place a security freeze on your credit report, which has no cost, to prevent credit, loans and services from being approved in your name without your consent.
According to the notice, individuals affected by the ransomware attack received notifications in the mail beginning Wednesday. However, the county said it did not have sufficient contact information for some people.
For residents that were not contacted by the county, they can contact 1-833-919-4739 with the engagement number B152377. The number is active 9 a.m. and 9 p.m., Monday through Friday.
