The recent data breach of Mitchell County government computers has been featured in a national journal about information security.
The Mitchell County Department of Social Services was featured in a late January article in The HIPAA Journal that also covers similar security breaches in Pennsylvania and Florida.
Mitchell County announced in December that “there was unauthorized access to the county network between Oct. 16, 2025 and Oct. 20, 2025.”
According to county officials, unknown cybercriminals were able to access the personal information of clients of the Department of Social Services.
HIPAA Journal further notes that this ransomware attack caused “email and phone outages that lasted for several days,” and that around 500 people had their personal information affected, although that number might change once the investigation is complete.
The investigation of the security breach is ongoing. The U.S. Department of Health and Human Services monitors the security of personal health information under the Health Insurance Portability and Accountability Act of 1996, and the HHS Office for Civil Rights was notified of this breach.
Mitchell County has worked with federal law enforcement, the North Carolina Joint Cybersecurity Task Force, third-party consultants, and other agencies to look into this breach.
The county recommends that those who believe their information may have been involved in this security breach monitor their credit reports and insurance information for signs of identity theft.
More information on responding to the incident is here: https://www.mitchellcountync.gov/notice-of-data-security-incident/
The county has been working to update its digital security systems to prevent this kind of attack in the future.