Add Southampton County in Virginia to any list you may be keeping of governments hit by ransomware. According to their notification:
On September 6, 2022, a single server at Southampton was encrypted by a cyber criminal. Fortunately, Southampton fought off this cyber-attack with no interruption to essential County operations. However, after Southampton recovered from this incident, a single W-2 form appeared on the dark web with the criminal claiming that they removed sensitive data from the encrypted Southampton server. The server in question held some archived County information.
The types of information include name, social security number, driver’s license number, and/or address.
You can read their full notification on the Montana Attorney General’s website.
Updated November 27: DatabBreaches was alerted that this attack was the work of LockBit 3.0, who added the listing to their leak site in September with screencaps showing directory folders as well as some specific payroll-related info on county employees. Other than the proof pack, no data has been leaked on their site as of this date.