With so many cyberattacks being disclosed every day, a lof ot them never get reported on in the media. That’s not necessarily a bad thing, but some of them do contain sensitive personal information or could expose people — or the entity itself — to increased risk of future attacks.
One such incident involved Liberty Township in Butler County, Ohio. On June 14, Safepay added the township to its leak site with a claim of 48 GB of data. One link led to a file tree with a date modified stamp of May 5, 2025. The other link led to the data tranche.
As data leaks go, this one thankfully did appear to reveal a lot of very sensitive personnel information such as disciplinary actions or medical information exposed. But what did concern DataBreaches were two files belonging to a former administrative assistant that listed login credentials for dozens of sites, including secure portals. Not only were the credentials in plain text in these files, but the passwords were not complex and were frequently reused across accounts. The vast majority of the passwords started with “Liberty” or with the employee’s last name, and accounts for township utilities appeared to all reuse the same simple password.
DataBreaches did not attempt to test the login credentials to see if they would work, but did contact the township to ensure that they were aware of that leak and had changed the passwords. DataBreaches also asked other questions about the breach and how attackers had gained access.
Township Administrator Caroline McKinney responded to DataBreaches’ email with the following statement:
Thank you for reaching out. We can’t answer all your questions as this remains an ongoing investigation. I can confirm our community was the target of a ransomware attack in the early hours of Monday, May 5, 2025. We’ve been communicating with our Team throughout and are working with a 3rd party vendor to provide credit monitoring/identity theft services to those individuals affected. Yes, passwords have been changed Township-wide and employees have been alerted. Liberty Township has recovered its network and continues the never-ending process of improving security and mitigating risk to protect us from future unauthorized access.
DataBreaches also reached out to the former administrative assistant to alert them that if they use those passwords in their personal life or other work, they should immediately change them. We hope they haven’t reused them, but if they have, we hope they heed the alert.