Box Elder County hit by ransomware attack exposing over 2 million government files

Box Elder County, Utah, has been hit by a ransomware attack claimed by the Interlock ransomware gang, resulting in the exposure of more than 2 million sensitive government files totaling over 305 GB of data. 

The cyberattack was discovered and reported by county officials on August 6, 2025. It compromised virtually every aspect of county operations, including highly sensitive law enforcement investigations, jail records, employee personal information, and confidential criminal case files.

Federal and state authorities, including the FBI, Utah State Bureau of Investigation, and the Utah State Cyber Crimes Task Force, are conducting a criminal investigation into the breach.

The ransomware gang published the stolen data on the dark web. The Interlock group alleges they exfiltrated approximately 4.5 TB of data comprising roughly 2.1 million files. Threat intelligence sources report the published dataset totals over 305 GB.

Exposed data includes:

• Detailed homicide investigation files, including the high-profile Dylan Rounds murder case
• Crime scene photographs and evidence documentation
• Jail floor plans and security procedures
• Inmate recordings, videos, and personal information
• Court records and criminal case files from 2015-2023
• Law enforcement officer contact information and personal details
• Employee payroll data, disciplinary records, and performance evaluations
• Search warrants and child abuse investigation forms
• Digital login credentials for county servers and Verizon accounts
• Digital certificates for network access and data decryption
• Emergency response procedures and facility security protocols

The number of affected individuals is not disclosed. The county officials have not publicly acknowledged the extent of the data leak or issued notifications to residents whose personal information may have been compromised.