A ransomware attack targeting Winona County, Minnesota, has escalated after cybercriminals released data stolen from the county’s network. County officials confirmed they became aware of the leak and have launched a comprehensive investigation in coordination with law enforcement and cybersecurity partners.
The incident marks another serious development in an ongoing ransomware case that has already disrupted county systems and prompted emergency cybersecurity measures.
FCRF Academy Launches Premier Anti-Money Laundering Certification Program
Data Leak Confirmed After Ransomware Attack
Winona County officials stated that they were informed on Wednesday that attackers had published information taken during the ransomware breach. The county acknowledged the development later the same day and emphasized that the situation is being treated with urgency.
Officials said a full review is underway to determine what information was accessed and which individuals may be affected. The process is expected to take time due to the scope of the compromised data and the complexity of the investigation.
The county also confirmed that it is working closely with law enforcement agencies and third-party cybersecurity experts to assess the breach and its impact.
Ongoing Investigation and Notification Process
Authorities have stated that individuals whose personal data is identified in the leaked files will be notified “as quickly as possible and in accordance with applicable law.” The county also plans to provide support resources to help residents protect their personal information from misuse.
Officials have not yet disclosed the exact nature of the stolen data or the total volume of files impacted. However, they reiterated that identifying affected records remains a top priority as the investigation continues.
Operational Impact and Emergency Response
The ransomware attack initially forced parts of the county’s network offline as a containment measure. Critical systems, including vital records services and Department of Motor Vehicles operations, were impacted.
Despite the disruption, emergency services in the county were not affected and continued operating normally. County offices have since returned close to normal operations following recovery efforts.
The county also received assistance from the Minnesota National Guard as part of its cybersecurity response efforts, highlighting the severity of the incident and the need for additional technical support.
Repeat Cyberattack Raises Security Concerns
Officials confirmed this was the second ransomware incident targeting Winona County within the same year. A prior attack was reported earlier, and preliminary findings suggest that the two incidents were carried out by different threat actors.
In response to both attacks, a local state of emergency was declared. Authorities have stated that lessons from the first incident helped improve detection and response capabilities during the second attack.
About the author – Ayesha Aayat is a law student and contributor covering cybercrime, online frauds, and digital safety concerns. Her writing aims to raise awareness about evolving cyber threats and legal responses.
