Cyberattack and data breach forces Cobb County to shut down online systems
Learn More
Cobb County, Georgia has experienced a cybersecurity incident that required officials to take multiple online systems offline.
The breach occurred on Friday 21st of March and involved an unauthorized user gaining access to one of the county's servers. The county's IT teams immediately implemented their incident response protocols, taking systems offline to prevent further unauthorized access while they assessed the situation. Officials are systematically evaluating each system's security before bringing them back online.
As of Wednesday 26th of March, some online services remain unavailable, though core operations have been restored. Phone systems, email systems, and bill payment services are now functioning.
No details are disclosed about the nature of the attack, types of exposed data and number of affected individuals.
The full extent of the breach remains under investigation, and county officials have not yet determined whether taxpayers' sensitive information was compromised.
County officials have indicated they will provide additional updates as their investigation progresses and more information becomes available.
Update - as of 24th of April 2025, Cobb County reported that the cybersecurity attack has affected 10 individuals, including three county employees. The county said it’s begun notifying individuals “whom we believe had information accessed and copied from a limited number of Cobb County systems by an unauthorized actor.”
As of 2nd of May 2025, the cybercrime gang Qilin has claimed responsibility for breaching Cobb County and claim to have stolen 150 GB of data. The hackers have posted confidential information on the dark web that appears to include:
- Autopsy photos
- Social Security numbers
- Driver's license pictures
- Next of kin contact information
- Names and addresses of residents
- Other personal data
As of 23rd of May 2025, Cobb County officials have acknowledged that "there may have been additional personally identifiable information present in the involved systems at the time of the event." The county described the impact as affecting a "limited number" of systems that stored information relating to county employees and residents who received county services. Cobb County states that individuals whose personal information was confirmed to be compromised have already been mailed direct notifications.
The exact number of potentially affected individuals beyond the confirmed 10 cases has not been disclosed
