Greenville municipality hit by ransomware attack

The City of Greenville, Texas, reports a ransomware attack that has disrupted municipal services and compromised access to critical city records and systems. 

The attack occurred on August 5, 2025, when a ransomware group successfully infiltrated the city's servers, blocking access to police records, administrative systems, and utility billing infrastructure. City officials isolated affected systems, contacted law enforcement, and engaged a third-party cybersecurity firm to help in recovery.

Greenville's emergency 911 service was not affected and remains in operation, but some phone lines may experience intermittent outages or busy signals. 

City officials have implemented temporary billing accommodations for residents during the system recovery period and have paused shutoffs for the time being, not calculating any late fees and are allowing residents to pay in person. Residents who over-pay will receive credit on their next bill, while those who under-pay will be charged for the remaining balance in subsequent billing cycles.

Compromised systems:

• Police records and law enforcement databases
• Administrative city records and document management systems
• Utility billing systems and customer payment processing
• Internal file storage and document repositories
• Email systems and communications infrastructure
• Public records management systems

The number of affected individuals and any personal information breached are not disclosed. The city has emphasized that their ongoing investigation has not revealed compromise of sensitive personal data belonging to residents or city employees.