Ransomware attack on Gooding County impacted residents' personal information

Gooding County in Idaho said it experienced a serious ransomware incident that compromised the sensitive personal information of its residents.

In a data security incident notice filed with the Office of Attorney General of Idaho, Gooding County said that on March 25, it detected suspicious activity in its internal network and determined that unauthorised threat actors had infiltrated its network and deployed malware to encrypt its systems.

The County immediately launched an investigation, with assistance from external cyber security experts, to determine the scope of the incident. It also took steps to contain the ransomware incident, securely restored operations and mitigated the risk of the incident.

“On April 4, 2025, as part of its ongoing investigation, the County determined that this incident likely involved unauthorised acquisition of personal information, as defined by Idaho law. 

“The County is working with legal counsel and the digital forensics firm to review the impacted data to determine what specific information may have been affected and to whom that information relates so that it can comply with any notification obligations. 

“The County will be providing written notice to affected individuals, together with an offer of complimentary credit monitoring where appropriate,” Gooding County said. County officials added that the ITS Chief Information Security Officer was notified about the incident. 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Gooding county. The County officials also did not share details on who was behind the attack, how much data was compromised, or whether the County received a ransom demand.