Ransomware attack leads to cyber incident in Clay County

(Moorhead, Minn.) — Clay County officials say they discovered a cyber incident involving personal information relating to individuals the county serves.

According to a letter sent to Clay County residents, the county says they “are not aware of any misuse of any information involved in this incident.” Beginning on December 22, 2023, Clay County mailed notifications to individuals whose protected health information and/or personal information was impacted by this incident.

On October 27, 2023, Clay County determined that its network had been impacted by a ransomware attack that affected the electronic document management system (“CaseWorks”), which is hosted by Clay County and used by other Minnesota County social services entities. Clay County immediately initiated its incident response process and began working with its local information technology partner to investigate, to securely restore operations, and determine the effects of the incident. Clay County also worked with a nationally recognized digital forensics firm to assist with the investigation and notified federal law enforcement and the Minnesota Department of Human Services.

Through the investigation, Clay County determined that there was unauthorized access to its network between October 23, 2023 and October 26, 2023, and that the cyber criminals responsible for this attack took some data from Clay County’s network. As soon as Clay County learned this, it started notifying the other impacted counties and began an extensive review to determine what information may have been involved and who may have been affected, so that we could provide notice.