Search

St. Joseph County Says Claimed Data Breach Was Limited to Third-Party Virtual Faxing System

Cyber threats and incidents
By Evan Rowe

Related

AI and security

CyCognito Details Axios Supply Chain Attack After Malicious npm Releases Deliver Remote Access Trojan

CyCognito has detailed a software supply chain incident involving...
Read more
Founders, Analysts & Industry Voices

Iowa’s Cybersecurity Leadership Spotlight

Iowa’s cybersecurity leadership spans enterprise software, financial services, state...
Read more
Founders, Analysts & Industry Voices

Wyoming’s Cybersecurity Leadership Spotlight

Wyoming’s cybersecurity leadership spans higher education, state government, community...
Read more
Founders, Analysts & Industry Voices

West Virginia’s Cybersecurity Leadership Spotlight

West Virginia’s cybersecurity leadership spans state government, higher education,...
Read more
Founders, Analysts & Industry Voices

South Dakota’s Cybersecurity Leadership Spotlight

South Dakota’s cybersecurity leadership spans banking, higher education, consulting,...
Read more

Share

What happened

St. Joseph County said a claimed data breach was limited to a third-party virtual faxing system after the Handala Hack group alleged it had breached county computer systems and stolen two terabytes of data. The group claimed the exposed information included county employee information, police reports, court paperwork, health reports, and death certificates. County officials said the actual extent of the incident appears to be minimal and far smaller than what is being claimed. An IT official said a cloud-based fax server was hacked and that the history on that server goes back about 20 days. Officials also said all services remain up and running, no actual files were deleted, and only some cache files may have been lost. 

Who is affected

The direct exposure appears limited to files connected to the third-party virtual faxing system used by St. Joseph County. County officials said the breach may have exposed sensitive information, but they also said no server or system other than the third-party faxing service appears to have been breached. 

Why CISOs should care

This incident matters because it shows how a breach involving a narrow third-party service can still generate broader public claims about compromise of government systems. It also highlights the importance of quickly separating actual system scope from attacker claims when sensitive government records are involved. 

3 practical actions

  1. Separate attacker claims from verified impact: Move quickly to confirm whether a public breach claim reflects compromise of core systems or only a limited third-party service. 
  2. Validate third-party document workflows: Review whether virtual faxing or similar document-handling platforms hold sensitive files that could create outsized risk if breached. 
  3. Preserve service continuity during investigation: Ensure critical services can stay online while incident scope is verified, as county officials said all services remained operational. 

For more news about incidents involving exposure of sensitive records, click Data Breach to read more.

Previous article
Starbucks Breach Claim Alleges Theft of 10GB of Source Code and Operational Firmware
Next article
Discovery Education Appoints Kara Schlageter as First Chief Information Security Officer
AI and security

CyCognito Details Axios Supply Chain Attack After Malicious npm Releases Deliver Remote Access Trojan

CyCognito has detailed a software supply chain incident involving...
Founders, Analysts & Industry Voices

Iowa’s Cybersecurity Leadership Spotlight

Iowa’s cybersecurity leadership spans enterprise software, financial services, state...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.