County Computers Crashed: Cyberattack Hits Lorain Government, Courts Go Dark
By Aaron C. Knapp, Investigative Reporter
Something strange started happening in Lorain County this week. First, the Auditor’s website wasn’t working right. Then came an alert: some county computers had been attacked. By Thursday, the situation was serious enough that county leaders sent out a public message. Some courts shut down. The 911 system was briefly offline. And still, many residents had no idea what was going on.
This wasn’t just a normal tech glitch. This was a full-on cyberattack—an outside hit to the county’s computer network that left several departments scrambling.
Here’s what we know so far.
What the County Said
The following message was shared with the public by Lorain County officials, including the Sheriff and Prosecutor’s Office:
“Protecting the security and privacy of personal information is of the utmost importance for Lorain County Government. The Lorain County Commissioners recently became aware of a network security incident that disrupted some systems. At this time, impacted systems remain offline out of an abundance of caution. The commissioners are actively working with third-party experts to assist in our investigation efforts.
As of now, critical services and departments remain online for citizens, including: Lorain County 911, Lorain County Sheriff, Lorain County Emergency Management Agency, Lorain County Probate Court, Lorain County Clerk of Courts, Lorain County Auditor, Lorain County Coroner, Lorain County Engineer, Lorain County Recorder, Lorain County Children Services, Lorain County Board of Developmental Disabilities, Lorain County Children & Family First Council, Mental Health, Addiction & Recovery Services Board of Lorain County, Lorain County Planning Commission, Lorain County Port Authority, Lorain County Land Re-utilization Corporation, Lorain County Records Commission, Lorain County Community Development, Lorain County Convention & Visitors Bureau, Lorain County Dog Kennel, Lorain County Job & Family Services, Lorain County Regional Airport, Lorain County Solid Waste Management District, and Lorain County Workforce Development Agency.
However, several departments will close until impacted systems are brought back online. These include: Lorain County Court of Common Pleas, General Division and Domestic Relations/Juvenile Court Divisions, and Lorain County Adult Probation.”
What Does This Mean for You?
If you had a court hearing scheduled this week—maybe a custody dispute, a protection order, or a hearing that could affect your freedom—it may have been abruptly canceled with no clear reschedule date. If you needed a probation meeting or had to file paperwork in juvenile court, chances are you showed up to a locked building or got turned away by staff who couldn’t access their systems.
While emergency services like the Sheriff’s Office, Children Services, and Job & Family Services stayed online, even 911 wasn’t safe. For a period of time, the emergency dispatch system—the one we all count on in life-or-death situations—was down. The county had to scramble, telling residents to call non-emergency lines or dial local police departments directly. That’s not a small inconvenience. That’s a public safety hazard.
In a crisis like this, every second matters. A child custody decision delayed by a week can impact entire families. A missed probation check-in could have legal consequences. A 911 call that doesn’t go through could mean the difference between help arriving—or not.
This wasn’t just a tech problem in an office across town. This was a real disruption that reached into courtrooms, homes, and neighborhoods. And it’s a reminder that when government systems fail, it’s everyday people who pay the price first.
Where Did It Start?
The trouble appears to have started at the Lorain County Auditor’s Office, one of the most data-heavy departments in local government. Early in the week, property records and mapping tools on their website began to malfunction. What may have looked like a harmless glitch turned out to be the first sign of something much more serious.
Soon after, internal systems across multiple departments began failing. Staff reported being locked out of emails. Databases and digital records became inaccessible. Workflows that rely on instant access to files—from financial reports to court documents—suddenly came to a halt.
The county has not publicly confirmed whether this was a ransomware attack, but the speed and scale of the outage suggest hackers may have penetrated the system through one vulnerable entry point—likely an email or server tied to the Auditor’s Office—and moved laterally through connected networks. This type of attack, where malware spreads from one system to another, is common in local governments that rely on shared IT infrastructure.
In response, Lorain County brought in third-party cybersecurity experts to assess the damage and assist in recovery. The county’s insurance provider is reportedly involved in coordinating the response, and the incident is under active investigation. As of now, officials have not said whether personal data such as tax information, payroll records, or property transfers were exposed—but they have also not ruled it out.
If you submitted sensitive information to a county department recently—such as a property deed, a public records form, a court filing, or tax paperwork—you have a right to ask whether your data was affected. Residents with concerns should contact the department they interacted with and ask for a breach notice or update. If personal data such as Social Security numbers, account numbers, or medical files were accessed or exposed, the county would be legally required to notify you under Ohio data privacy laws.
This is the moment to monitor your financial accounts, credit reports, and email for suspicious activity. If you receive unusual messages that seem to reference government services or documents, do not click links or download attachments—especially if they come from unfamiliar addresses. When in doubt, call the office directly using a phone number listed on the official county website.
The full scope of this attack is still unfolding, but one thing is already clear: what began as a quiet system error in a single office quickly became a countywide crisis. The public deserves full transparency about where it started, how far it spread, and what’s being done to make sure it doesn’t happen again.
Why This Matters
Cyberattacks aren’t just rare disasters anymore—they’re becoming a regular threat to governments across the country. From Atlanta to Baltimore, entire cities have been brought to a standstill by hackers who locked up data, shut down public services, and demanded enormous ransoms. In some cases, even emergency services were paralyzed. Those cities spent millions just to recover—and in some towns, leaders felt forced to pay off the attackers just to get back online.
What’s changed now is the size of the targets. Hackers used to focus on big cities with massive budgets. But more and more, they’re turning their attention to small and mid-sized counties like Lorain. That’s because smaller governments often don’t have large cybersecurity teams or up-to-date systems. The defenses are weaker. The backup plans are thinner. And the stakes are just as high.
When a county like Lorain loses access to court records, dispatch systems, or payroll accounts, it’s not just a computer problem—it’s a full-blown governance crisis. Trials get delayed. Probation officers can’t do their jobs. Parents can’t file for custody or get protection orders. People who rely on public services are left in limbo.
Attackers know that. They count on it. They know that when pressure builds—when public safety is threatened or legal obligations stall—local officials may feel trapped. That’s what makes these attacks so effective. They don’t just lock files; they force governments into desperate choices.
This is why cybersecurity can no longer be treated as an afterthought. It’s not just an IT concern tucked away in a back office. It’s a frontline defense against modern threats—and its failure impacts every voter, every taxpayer, and every family that depends on basic government services to function. If we ignore that reality, we’re not just risking downtime. We’re risking democracy at the local level.
Can This Be Prevented?
Yes, this kind of attack can absolutely be prevented—or at least the damage can be reduced. But only if counties take cybersecurity seriously, not just after something breaks, but before. Prevention isn’t about luck. It’s about preparation, smart decisions, and having the right tools in place.
The first line of defense is the people who work in county offices every day. Many cyberattacks start with something as simple as an email. Hackers will send a fake message that looks real—maybe pretending to be from another employee or a vendor. These emails often have links or attachments that, when clicked, secretly install bad software that gives the attackers a way inside the system. That’s called phishing. It’s the most common way hackers get in. But it’s also one of the easiest to defend against—with training.
Employees need to be taught how to spot warning signs: strange email addresses, urgent language, bad spelling, or unusual attachments. Even 20-minute training sessions a few times a year can make a big difference. And they don’t cost much. In fact, the state and federal government often offer free cybersecurity education for public agencies. Not using those resources is like leaving your front door open when you go on vacation.
The next step is stronger passwords and two-step login systems. If a hacker gets someone’s login info, they still can’t get in if the system requires a second step—like a code texted to your phone or an app confirmation. This is called two-factor authentication. It’s used by banks, social media platforms, and schools—and should be used by government too.
Another key protection is secure backups. Every system should have backups of important files stored in a safe place—ideally on a server that hackers can’t access, or even offline. That way, if hackers lock or delete files, the county can recover quickly without paying any ransom. Some counties even do weekly backups to flash drives or cloud storage that stays disconnected unless needed. It’s low-tech, but it works.
Also important is updating old software. Many government offices still use outdated programs that haven’t been updated in years. That’s dangerous, because old software often has holes that hackers already know how to exploit. Updates and security patches fix those problems. Counties should schedule regular updates and, where needed, upgrade their equipment entirely. Yes, it costs money upfront—but it’s much cheaper than paying hackers, losing data, or rebuilding an entire network after an attack.
Finally, counties need an emergency plan. Just like schools have fire drills, governments need cyberattack drills. That means knowing who to call, how to shut down infected systems, how to tell the public what’s going on, and how to bring everything back online safely. If no one knows what to do when systems go dark, panic sets in—and mistakes follow.
And let’s talk about the cost. Some people argue that cybersecurity is too expensive. But compared to what? A single cyberattack like this can cost a county hundreds of thousands—or even millions—of dollars. Baltimore’s attack in 2019 cost $18 million to recover from. Atlanta’s cost $17 million. And in Lorain, we don’t yet know the financial hit, but we’ve already lost days of court access, 911 reliability, and public trust. The cost of doing nothing is far greater.
Many solutions—like password upgrades, staff training, backups, and planning—are affordable. Some are even free with state or federal help. What’s needed most is commitment. That means leadership willing to prioritize cybersecurity as a basic service, not just an IT problem. It’s like locking the courthouse at night. You wouldn’t skip that just to save money.
We don’t know yet if Lorain County was doing any of this. Were their systems backed up? Was staff trained? Was there a cyber response plan ready? That’s the kind of transparency we need now—not just for accountability, but to make sure we’re better protected next time. Because this isn’t just about files or emails. It’s about public safety, trust, and whether government will be there when we need it most.
The good news is we can learn from this. But that only happens if we admit what went wrong, take action, and make sure our digital defenses are as strong as the values we claim to protect.
Final Word
It’s easy to think cyberattacks only happen to big cities or massive corporations. But the truth is, the smaller the target, the softer it often is. And that’s exactly what makes counties like ours so appealing to hackers. We rely on computers for nearly everything in government now—from recording births and deaths to running the court system, the 911 dispatch line, and even how property taxes get paid. When those systems go down, it’s not just an inconvenience—it’s a breakdown of trust, safety, and basic service.
Lorain County’s government was caught off guard. We still don’t know exactly how much was damaged, who is responsible, or whether personal data has been taken. But the silence from officials in the first 48 hours of this crisis says a lot. When systems fail and leaders go quiet, the people lose confidence—and that is sometimes harder to rebuild than any server.
What happened this week isn’t just a tech issue. It’s a leadership test. Because how our county reacts next—how honest it is, how fast it responds, and whether it invests in protecting us going forward—will show if this was just a one-time stumble or a sign of deeper problems. We cannot afford to treat cyberattacks like freak accidents. They are the new storms. They are the new break-ins. And they are coming whether we are ready or not.
If Lorain County wants to earn back public trust, it has to tell the truth, share the plan, and show the people it’s willing to modernize—not just patch up broken systems but build a stronger future.
We deserve a government that works. And when it breaks, we deserve leaders who won’t hide behind vague statements or blame the weather. This time, the storm was digital. But next time, the damage might be even worse. Let’s get it right now—before someone else decides to test us again.