Albemarle County is extending an offer to provide credit monitoring and other services to people who may have had their personal information stolen in a cybersecurity attack earlier this year.
“On the morning of June 11, 2025, Albemarle County discovered issues with our IT systems and quickly determined that we were the victim of a ransomware incident,” reads an information release sent out December 17, 2025. “Ransomware is a type of malicious software that cybercriminals use to break into computer systems and lock up important data.”
The incident began the night before. The Charlottesville Daily Progress reported on July 15 that a group called INC Ransom was behind the attack.
“During this time, information from our systems was inappropriately accessed and/or obtained by an unauthorized user.
A total of 185 gigabytes of data was obtained in the security breach including sensitive material about a wide range of people, businesses, and organizations. That includes names, addresses, driver’s license numbers, Social Security numbers, and other information that may have been sold to those who wish to steal.
Among the information collected was information from Albemarle County’s self-insured health plan.
“The information connected to the health plan relates to program administration such as eligibility and enrollment details,” the statement continues. “While some of these records may contain health details due to coverage of costs for insurance, no medical charts or other extensive personal health information were part of the data, since it was related to health insurance administration and not medical treatment from providers.”
Albemarle has now concluded an investigation into the incident and will continue to extend free identity-monitoring services to anyone who may have been affected. A credit monitoring service through the company Kroll is available for up to a year. Anyone who wants to learn more should visit the county’s website.
The incident also took the county’s Geographic Information System offline for some time and a new platform is now being used for the service. Also affected in the breach is the county’s Development Dashboard, a resource that allows the public to review construction projects at various stages in the process.
After the incident was discovered to be happening, Albemarle County notified state and federal law enforcement agencies.
“We are continuing to evaluate additional actions to strengthen our network security in the face of an ever-evolving cyberthreat landscape that is, unfortunately, increasing over time,” the statement continues. “Regarding any protected health information the county handles, we have reviewed our handling and storage of this information and modified our procedures to improve security and reduce potential access by unauthorized persons.”
Additional coverage:
- Dollars or data likely motivated Albemarle County cyber incident, UVA expert says, Avery Davis, WVIR NBC29, June 13, 2025
- Albemarle County warns of cybersecurity breach, Sandy Hausman, Radio IQ, July 10, 2025
- Albemarle County IDs group behind ransomware attack, Caroline King, July 14, 2025
- Albemarle County concludes investigation into June ransomware attack, CBS19, December 17, 2025
Before you go: Paid subscribers cover the cost of conducting research for this article which was originally published in the December 17, 2025 edition of Charlottesville Community Engagement. You can either subscribe through Substack, make a monthly contribution through Patreon, or consider becoming a sponsor. The goal of Town Crier Productions is to increase awareness about what is happening at the local, regional, state, and federal government levels. Please share the work with others if you want people to know things.
.
Discover more from Information Charlottesville
Subscribe to get the latest posts sent to your email.
