Clay County, Minnesota, has fallen victim to a data security incident stemming from a ransomware attack on its electronic document management system, known as “CaseWorks,” which is used by social services entities in multiple Minnesota counties. The attack, identified on October 27, 2023, prompted Clay County to initiate its incident response process, collaborating with local information technology partners and a digital forensics firm to investigate and restore operations securely.
The unauthorized access occurred between October 23, 2023, and October 26, 2023, with cybercriminals extracting data from the county’s network. In response to the breach, Clay County has taken steps to enhance its cybersecurity posture. These measures include implementing multi-factor authentication for remote access to CaseWorks, updating procedures for external vendor access, deploying security tools for better detection and response to cyber incidents, and improving technical security for the CaseWorks application. The county is also notifying appropriate regulatory bodies, including the United States Department of Health and Human Services, to comply with compliance obligations.
The compromised data includes individuals’ names, Social Security numbers, addresses, dates of birth, and information related to services provided by Clay County Social Services, such as service locations, dates, client identification numbers, insurance identification numbers, and billing information. Despite the breach, Clay County investigators found no evidence on the Dark Web indicating the release or sale of the stolen personal information. The county is actively reaching out to affected individuals, advising them to remain vigilant for potential fraud or identity theft and providing guidance on protective measures, such as regularly reviewing account statements and obtaining free credit reports.
Clay County expresses regret for the incident and emphasizes its commitment to maintaining the privacy of personal information. Individuals affected by the breach have the right to request a report on the investigation’s details. The county encourages impacted individuals to contact a toll-free number to request the delivery of the report via mail or email, underscoring its dedication to transparency and accountability in addressing the cybersecurity incident.