Gloucester County

Government employees working for the county of Gloucester in Virginia had Social Security numbers and other sensitive data stolen during a ransomware attack in April. The county sent 3,527 current and former employees notices this week warning that their personal information was accessed by hackers who breached county systems on April 22. In addition to Social Security numbers, names, driver’s license numbers, bank account information, health insurance numbers and medical information was also stolen during the incident. The county hired cybersecurity experts to help with the recovery and notified the FBI’s Cyber Crimes Division as well as the Cyber Fusion Center of the Virginia State Police.

Source: https://therecord.media/virginia-county-says-ransomware-attack-exposed-ssns

TPRM report: https://scoringcyber.rankiteo.com/company/gloucester-county-virginia

"id": "glo502070425",
"linkid": "gloucester-county-virginia",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': '3,527 current and former '
                                              'employees',
                        'industry': 'Public Administration',
                        'location': 'Gloucester County, Virginia',
                        'name': 'Gloucester County',
                        'size': 'More than 40,000 people',
                        'type': 'Government'}],
 'customer_advisories': 'Letters to 3,527 current and former employees',
 'data_breach': {'number_of_records_exposed': '3,527',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Social Security numbers',
                                              'Names',
                                              'Driver’s license numbers',
                                              'Bank account information',
                                              'Health insurance numbers',
                                              'Medical information']},
 'date_detected': '2023-04-22',
 'description': 'Government employees working for the county of Gloucester in '
                'Virginia had Social Security numbers and other sensitive data '
                'stolen during a ransomware attack in April.',
 'impact': {'data_compromised': ['Social Security numbers',
                                 'Names',
                                 'Driver’s license numbers',
                                 'Bank account information',
                                 'Health insurance numbers',
                                 'Medical information']},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial Gain',
 'ransomware': {'ransomware_strain': 'BlackSuit'},
 'response': {'communication_strategy': 'Letters to 3,527 current and former '
                                        'employees',
              'enhanced_monitoring': 'Continuing to monitor the impact of a '
                                     'recent cybersecurity incident',
              'law_enforcement_notified': 'FBI’s Cyber Crimes Division and the '
                                          'Cyber Fusion Center of the Virginia '
                                          'State Police',
              'third_party_assistance': 'Cybersecurity experts'},
 'stakeholder_advisories': 'Public warnings on April 22 and April 23',
 'threat_actor': 'BlackSuit ransomware gang',
 'title': 'Ransomware Attack on Gloucester County, Virginia',
 'type': 'Ransomware Attack'}