Union County, Ohio, suffered a ransomware attack between May 6–18, 2025, resulting in the theft of highly sensitive personal and financial data belonging to 45,487 residents and staff. The compromised information included Social Security numbers, driver’s license numbers, financial account details, fingerprint data, medical records, and passport numbers. The breach was detected on May 18, 2025, prompting an immediate investigation with third-party cybersecurity experts and federal law enforcement. While the county secured its network and notified affected individuals by August 25, 2025, no ransomware group has yet claimed responsibility. The attack exposed critical personal data, posing severe risks of identity theft, financial fraud, and long-term reputational damage to the county and its residents. Union County, a fast-growing region with ~75,159 residents, faces potential legal, operational, and trust-related consequences due to the scale and sensitivity of the breach.
TPRM report: https://www.rankiteo.com/company/union-county-health-department
"id": "uni2502125092825",
"linkid": "union-county-health-department",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '45,487',
'industry': 'public administration',
'location': {'city': 'Marysville',
'country': 'United States',
'state': 'Ohio'},
'name': 'Union County, Ohio',
'size': '~75,159 residents (2025)',
'type': 'government (county)'}],
'customer_advisories': {'data_breach_notification_letters': True,
'description': 'Letters sent to 45,487 affected '
'individuals detailing the breach and '
'stolen data types.'},
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '45,487',
'personally_identifiable_information': True,
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'financial data',
'biometric data (fingerprint)',
'medical information',
'government-issued identifiers '
'(driver’s license, passport)']},
'date_detected': '2025-05-18',
'date_publicly_disclosed': '2025-09-27',
'description': 'A ransomware attack hit Union County, Ohio, resulting in the '
'theft of Social Security and financial data. Cybercriminals '
'accessed the County’s network between May 6 and 18, 2025, '
'stealing sensitive information including names, Social '
'Security numbers, driver’s license numbers, financial account '
'details, fingerprint data, medical information, and passport '
'numbers. The breach impacted 45,487 residents and staff. An '
'investigation was launched with external cybersecurity '
'experts, and federal law enforcement was notified. No '
'ransomware group has yet claimed responsibility.',
'impact': {'data_compromised': ['names',
'Social Security numbers',
'driver’s license numbers',
'financial account information',
'fingerprint data',
'medical information',
'passport numbers'],
'identity_theft_risk': 'high',
'payment_information_risk': 'high'},
'initial_access_broker': {'high_value_targets': [{'description': 'Social '
'Security '
'numbers, '
'financial '
'account '
'information, '
'and other '
'sensitive '
'records.',
'type': 'PII/financial '
'data'}],
'reconnaissance_period': {'description': 'Cybercriminals '
'accessed '
'the '
'County’s '
'network '
'during '
'this '
'period '
'before '
'deploying '
'ransomware.',
'end_date': '2025-05-18',
'start_date': '2025-05-06'}},
'investigation_status': 'completed (as of August 25, 2025)',
'ransomware': {'data_exfiltration': True},
'references': [{'date_accessed': '2025-09-27', 'source': 'SecurityAffairs'}],
'regulatory_compliance': {'regulatory_notifications': [{'authority': 'Maine '
'General '
'Attorney',
'description': 'Data '
'breach '
'notification '
'letter '
'shared'}]},
'response': {'communication_strategy': {'data_breach_notification_letters': True,
'regulatory_notifications': [{'authority': 'Maine '
'General '
'Attorney',
'description': 'Data '
'breach '
'notification '
'letter '
'shared '
'with '
'the '
'Maine '
'General '
'Attorney'}]},
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': [{'description': 'nationally '
'recognized '
'third-party '
'cybersecurity and '
'data forensics '
'consultants',
'type': 'cybersecurity '
'consultants'}]},
'title': 'Ransomware attack on Union County, Ohio impacting 45,487 people',
'type': 'ransomware'}