Liberty Township, Ohio, Hit by Ransomware Attack Exposing Sensitive Data and Weak Credentials
On June 14, 2025, the ransomware group Safepay added Liberty Township in Butler County, Ohio, to its leak site, claiming to have stolen 48 GB of data. The breach, which occurred in the early hours of May 5, 2025, included sensitive personnel records, disciplinary actions, and medical information. However, cybersecurity outlet DataBreaches identified a particularly concerning detail: two files belonging to a former administrative assistant contained plaintext login credentials for dozens of sites, including secure portals.
The exposed passwords were notably weak, often starting with "Liberty" or the employee’s last name, and were reused across multiple accounts including those for township utilities. While DataBreaches did not test the credentials, they alerted the township and the former employee to the risk of further compromise.
Liberty Township Administrator Caroline McKinney confirmed the ransomware attack and stated that the township had recovered its network, changed all passwords, and was working with a third-party vendor to provide credit monitoring and identity theft protection for affected individuals. The incident remains under investigation, with ongoing efforts to strengthen security measures.
Liberty Township, Butler County, Ohio cybersecurity rating report: https://www.rankiteo.com/company/libertytownshipbc
"id": "LIB1768265987",
"linkid": "libertytownshipbc",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Individuals whose personal '
'information was exposed',
'industry': 'Local Government',
'location': 'Butler County, Ohio, USA',
'name': 'Liberty Township',
'type': 'Government'}],
'customer_advisories': 'Affected individuals notified and offered credit '
'monitoring/identity theft services',
'data_breach': {'data_exfiltration': 'Yes (48 GB of data claimed by threat '
'actors)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (disciplinary actions, medical '
'information, plain-text credentials)',
'type_of_data_compromised': ['Personnel information',
'Login credentials']},
'date_detected': '2025-05-05',
'date_publicly_disclosed': '2025-06-14',
'description': 'Liberty Township in Butler County, Ohio, was targeted by a '
'ransomware attack on May 5, 2025. The threat actors claimed '
'to have exfiltrated 48 GB of data, including sensitive '
'personnel information and login credentials for dozens of '
'sites in plain text. The township confirmed the attack and is '
'working with a third-party vendor to provide credit '
'monitoring and identity theft services to affected '
'individuals.',
'impact': {'data_compromised': '48 GB of data, including sensitive personnel '
'information and login credentials',
'identity_theft_risk': 'High (due to exposed personal and login '
'information)'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Password changes, security '
'improvements, and ongoing '
'risk mitigation'},
'ransomware': {'data_exfiltration': 'Yes'},
'recommendations': 'Improve password policies (avoid reuse, enforce '
'complexity), enhance monitoring, and conduct security '
'awareness training',
'references': [{'date_accessed': '2025-06-14', 'source': 'Safepay leak site'},
{'source': 'DataBreaches'}],
'response': {'communication_strategy': 'Communicating with staff and affected '
'individuals',
'enhanced_monitoring': 'Ongoing security improvements',
'recovery_measures': 'Network recovered',
'remediation_measures': 'Passwords changed township-wide, '
'employees alerted',
'third_party_assistance': 'Yes (credit monitoring/identity theft '
'services vendor)'},
'title': 'Liberty Township Ransomware Attack',
'type': 'Ransomware'}