NOTICE OF CYBER INCIDENT
Updated November 3, 2025
In connection with the June 2025 ransomware attack, Mower County (the “County”) has determined that there was
unauthorized access to and acquisition of protected health information related to individuals who received services from the
County Health and Human Services Department. At this time, we are not aware of any misuse of the information
involved in this incident. We take this matter very seriously because of our commitment to the privacy and security of all
County information. We are providing this notice to inform potentially impacted individuals and suggest ways that
individuals can protect their information.
On August 15, 2025, we posted a notice on the County website explaining that the County was reviewing data that we
believed was impacted by this incident. While the review remains ongoing, we have completed our review of the data held
by the County Health and Human Services Department and, on November 3, 2025, mailed notifications to affected
individuals. Unfortunately, we did not have sufficient contact information to provide written notice to some individuals. We
are posting this notice on our website to notify those individuals for whom we do not have sufficient contact information
and providing a telephone number for questions.
What Happened
On June 18, 2025, the County detected ransomware on our computer network. We immediately launched an investigation
with assistance from expert cybersecurity and data forensics consultants to secure our network and investigate the scope of
the incident. We also alerted federal law enforcement. As part of the ongoing investigation, we determined that the cyber
criminals took data from our network, which included protected health information. The affected information relates to
individuals who received or are receiving services from the County Health and Human Services Department. Once we
discovered this, we began a thorough review of the data to determine what information may have been involved, who may
have been affected, and where those people live so that we could provide notice.
On September 30, 2025, we completed our review of the data held by County Health and Human Services and began
obtaining mailing addresses for impacted individuals to provide them with further details and resources to help protect their
personal information. On November 3, 2025, we mailed notice to all impacted individuals for whom we could locate address
information.
Our review of impacted data related to other County departments is ongoing at this time. Upon completing that review, we
will provide the required written notice to individuals and offer complimentary credit monitoring services where
appropriate.
What Information Was Involved
We determined that the protected health information includes name, Social Security number, driver’s license number or
state identification card number, immigration identification number, financial account information, address, date of birth,
information related to services received from County Health and Human Services, date(s) of medical service, unique
identification number related to services received, information related to medical condition, treatment or diagnosis, name
of healthcare providers, medications, and/or insurance identification number.
What We Are Doing About It
As soon as we learned about this incident, we immediately worked with our team to secure our network and begin an
investigation. We have notified federal law enforcement and will cooperate with any law enforcement investigation. To
further enhance our security and to help prevent similar occurrences in the future, we have taken or will be taking the
following steps:
1. Deployed security tools to enhance detection and accelerate response to cyber incidents;
2. Actively monitoring our network using end point detection tools to help ensure containment; and
3. Conducting an enterprise-wide password reset.
Additionally, the County notified the United States Department of Health and Human Services.
What You Can Do
We recommend that you take the following preventative measures to help detect and mitigate any misuse of your
information:
1. Remain vigilant for incidents of fraud and identity theft by regularly reviewing your account
statements, free credit reports, and Explanation of Benefits (EOB) forms for any unauthorized
or suspicious activity. If you notice any health care services listed in your EOB that you did
not receive, you should contact your health plan or doctor. Information on additional ways to
protect your information, including how to obtain a free credit report and free security freeze,
can be found at the end of this notice.
2. Report any incidents of suspected identity theft to your local law enforcement, state Attorney
General, and the major credit bureaus.
For More Information
The privacy and security of your information is very important to the County, and we remain committed to protecting it. If
you have any questions or concerns about this incident, you may call us at 507-437-9701 between 8:00 am to 4:30 pm,
Monday through Friday, excluding major holidays.
MORE INFORMATION ABOUT IDENTITY THEFT AND WAYS TO PROTECT YOURSELF
Visit https://www.experian.com/blogs/ask-experian/category/fraud-and-identity-theft/ for general information regarding
identity protection. You can obtain additional information about fraud alerts, security freezes, and preventing identity theft
from the consumer reporting agencies listed below and the Federal Trade Commission (FTC) by calling its identity theft
hotline: 877-438-4338; TTY: 1-866-653-4261. They also provide information online at
https://consumer.ftc.gov/features/identity-theft. The FTC’s address is: Federal Trade Commission, Division of Privacy and
Identity Protection, 600 Pennsylvania Avenue, NW, Washington, DC 20580. You have the ability to place a security freeze
on your credit reports by contacting the following agencies.
National Credit Reporting Agencies Contact Information
Equifax
P.O. Box 105788
Atlanta, GA 30348
1-888-298-0045
www.equifax.com
Experian
P.O. Box 9554
Allen, TX 75013
1-888-397-3742
www.experian.com
TransUnion
P.O. Box 2000
Chester, PA 19016
1-833-799-5355
www.transunion.com
Obtain Your Credit Report
You should also monitor your credit reports. You may periodically obtain your credit reports from each of the national
consumer reporting agencies. In addition, under federal law, you are entitled to one free copy of your credit report every 12
months from each of the three nationwide consumer reporting agencies listed above. You may obtain a free copy of your
credit report by going to www.AnnualCreditReport.com or by calling (877) 322-8228. You also may complete the Annual
Credit Report Request Form available from the FTC at
https://www.consumer.ftc.gov/sites/www.consumer.ftc.gov/files/articles/pdf/pdf-0093-annual-report-request-form.pdf and
mail it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281. You may also contact any of
the three major consumer reporting agencies to request a copy of your credit report. You may be able to obtain one or more
(depending on the state) additional copies of your credit report, free of charge. You must contact each of the credit reporting
agencies directly.
If you discover inaccurate information or a fraudulent transaction on your credit report, you have the right to request that
the consumer reporting agency delete that information from your credit report file.
Fraud Alerts
You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit
file for one year. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor
contact you prior to establishing any new accounts in your name. To place a fraud alert on your credit report, contact any
of the three national credit reporting agencies using the contact information listed above. As soon as one credit bureau
confirms the fraud alert, they will notify the others. Additional information is available at www.annualcreditreport.com.
Security Freeze
You have the ability to place a security freeze on your credit report at no cost to you. A security freeze is intended to prevent
credit, loans and services from being approved in your name without your consent. To place a security freeze on your credit
report, you may be able to use an online process, an automated telephone line, or a written request to all three of the credit
reporting agencies listed above. The following information must be included when requesting a security freeze (note that if
you are requesting a credit report for your spouse, this information must be provided for him/her as well): (1) full name,
with middle initial and any suffixes; (2) Social Security number; (3) date of birth; (4) current address and any previous
addresses for the past five years; (5) a legible copy of a government-issued identification card, (6) proof of current address,
such as a legible copy of a recent utility bill or bank or insurance statement, (7) a legible copy of a recent W-2, pay stub, or
Social Security card, and (8) if you are a victim of identity theft, a copy of either the police report, investigative report, or
complaint to a law enforcement agency concerning identity theft. It is essential that each copy be legible, display your name
and current mailing address, and the date of issue. Under federal law, you cannot be charged to place, lift, or remove a
security freeze.
After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique
PIN (personal identification number) or password. Keep the PIN or password in a safe place, you will need it if you choose
to lift the freeze.
Protecting Your Medical Information
We have no information to date indicating that your medical information involved in this incident was or will be used for
any unintended purposes. As a general matter, however, the following practices can help to protect you from medical identity
theft.
• Only share your health insurance cards with your health care providers and other family members who are covered
under your insurance plan or who help you with your medical care.
• Review your “explanation of benefits statement” which you receive from your health insurance company. Follow
up with your insurance company or care provider for any items you do not recognize. If necessary, contact the care
provider on the explanation of benefits statement and ask for copies of medical records from the date of the potential
access (noted above) to current date.
• Ask your insurance company for a current year-to-date report of all services paid for you as a beneficiary. Follow
up with your insurance company or the care provider for any items you do not recognize.
Additional Helpful Information
Even if you do not find any suspicious activity on your initial credit reports, the Federal Trade Commission (FTC)
recommends that you check your credit reports periodically. Checking your credit report periodically can help you spot
problems and address them quickly.
If you find suspicious activity on your credit reports or have reason to believe your information is being misused, call your
local law enforcement agency and file a police report. Be sure to obtain a copy of the police report, as many creditors will
want the information it contains to absolve you of the fraudulent debts. You may also file a complaint with the FTC by
contacting them at the information provided above. This notice was not delayed as a result of a law enforcement
investigation.
If your personal information has been used to file a false tax return, to open an account or to attempt to open an account in
your name, or to commit fraud or other crimes against you, you may file a police report in the city in which you currently
reside.