The ransomware group Qilin has taken credit for a cyberattack on the government of Spartanburg County, South Carolina, which caused widespread disruption to county services. The county first disclosed the cybersecurity incident on August 8, 2025, confirming that their systems were impacted and a limited number of “personnel on-boarding files containing employee information” were compromised. This attack marks the third data breach the county has experienced since 2018.
In a post on its dark web leak site, Qilin asserts that it exfiltrated a massive 390 GB of data from the county’s network. The gang’s statement directly contradicts official county announcements, claiming the damage was so severe that services would need to be completely rebuilt. They also allege that the breach resulted in the public exposure of half a million files, including highly sensitive personal data of residents, such as tax information and reports on violations, as well as thousands of private documents from local police and courts.
Spartanburg County officials, however, have not confirmed the validity of Qilin’s claims. There remains a lack of verified information regarding the exact types of data compromised, the total number of individuals affected, whether a ransom was paid, or the specific amount of the ransom demand. The method by which the attackers infiltrated the county’s network has also not been disclosed. Officials have remained tight-lipped, not providing answers to these critical questions in their communication with the press.
According to a statement from Spartanburg County communications manager Scottie Kay Blackwell, the county experienced a cybersecurity incident that initiated an immediate response, containment, and a criminal investigation by law enforcement. Blackwell’s statement confirmed that a review determined “a limited number of personnel on-boarding files containing employee information were accessed.” While most of this information is publicly available, a portion of it included “personally identifiable information” of individuals.
As a direct response to the breach, Spartanburg County is providing free credit monitoring services to all of its employees. This measure is intended to help mitigate potential harm from the compromised data, though the full extent of the damage remains unconfirmed by county authorities. The significant discrepancy between the gang’s claims and the county’s official statements highlights the ongoing challenge of managing public communication during a cyber crisis.
Reference:
