Georgetown County South Carolina continues to recover from cyber attack

February 22, 2021

Georgetown County government has restored email service for about half of its staff, but continues to work through issues created on Jan. 22, when the county's network was brought down by a ransomware attack. The county's IT staff will spend the coming weeks continuing to restore emails to staff, restore network connectivity and and clean computers that were infected during the attack. The county is also making security improvements in an effort to prevent such attacks in the future.

The network breach was traced to an email received by a county staff member. It was a very sophisticated attempt to gain access to the county network, according to cyber security experts working with the county. Details about the ransom and individuals or groups it may have been linked to are not available as the crime remains under investigation. Georgetown County did not pay the ransom, opting to rebuild its system instead.

While the breach impacted most of the county’s electronic systems, 911 and operations at the Detention Center were not affected. The county had insurance against cyber attacks in place at the time of the breach, and called in the State Law Enforcement Division and an expert cyber security team immediately once the attack was discovered. No evidence has been found to indicate that any private information, including that belonging to employees or taxpayers, has been compromised.