COBB COUNTY, Ga. (Atlanta News First) – In March, when Cobb County systems were down, it was because of a cyber attack, county officials said Friday.
“They want money, plain and simple,” said Rick Hudson, chief technology officer of Critical Path Security.
Hudson has been in cybersecurity for decades.
“We have a network of web crawlers that we use to look for client names, look for anything around us, all of the surrounding counties,” said Hudson.
He said the Russian-speaking threat actor group “Qilin” is responsible for the March breach. He said they have already started sharing what they obtained and are threatening to release the information within two days.
“The Qilin group published to a dark website, 16 sample pictures of information they have. Those pictures range from autopsy photos to driver’s license pictures, social security card pictures,” said Hudson.
Hudson said they have 400,000 documents ready to publish on the dark web, unless Cobb County pays the ransom.
“The official stance from the federal government and everybody is we don’t deal with terrorists. We don’t deal with threat actors. We don’t pay them,” said Jared Haviland, information security officer with Critical Path Security. “From a realistic standpoint, if you can’t get the data back any other way what are you going to do?”
In a statement, a Cobb County spokesperson said it is aware of the recent social media reports on the attack of the network.
“At this time, we have not confirmed the accuracy of these claims, and we will not speculate on information allegedly found on obscure parts of the internet,” a Cobb County spokesperson said in a statement. “Cobb County Government—and by extension, those we serve—was the victim of a cyberattack. Upon discovering the intrusion, we immediately followed established protocols, took our systems offline, and restored operations shortly thereafter. A third party issued a ransom demand, which we declined. We refuse to support or enable criminal enterprises, even when faced with difficult choices. While we understand this may offer limited comfort to those affected, standing firm sends a clear message: bad actors will not profit from this crime.”
The county spokesperson said the investigation is ongoing.
“If we determine that specific personal information is at risk, Cobb County will provide those individuals with credit monitoring and identity theft protection,” the spokesperson said. “We also urge all residents to remain vigilant. Monitor your financial accounts closely and immediately report any suspicious activity to your financial institution. Currently, there is no evidence that any individual has experienced harm due to this incident.”
“Finally, we want to reassure the public that Cobb County’s network is secure, and it remains safe to do business with us. Please note that this remains an active law enforcement investigation, and there may be questions we are unable to answer at this time.”
Said Hudson: “Nobody would want their last memories of their family member to be published on the internet like that.”
Copyright 2025 WANF. All rights reserved.