royal attacks Curry County

Incident Date:

May 16, 2023

World map



royal attacks Curry County


Curry County




Gold Beach, USA

Oregon, USA

First Reported

May 16, 2023

Curry County Local Government Suffers Cyber Attack

Curry County local government has suffered a cyber attack, preventing access to online files, including email.

“Everything that relates to county operations that was online is now gone. So our computers have to be completely wiped clean, and everything’s got to start over,” Curry County Commissioner Brad Alcorn said. “Our network has to start over. Our servers have to start over. We are essentially starting from scratch.”

“You couldn’t plug your computer into a printer and print a document right now,” he continued.

Discovery of the Attack

Curry County staff first discovered the attack on April 26th when a sheriff’s dispatch noticed that county information was inaccessible and encrypted.

Impact on County Operations

While the county still has control over Tuesday’s election and 911 dispatch calls, Alcorn reports that the attack has affected every other part of county government operations.

“Let’s say that you’re buying a house, and you have your interest rate loan locked, and you’re about to close on your mortgage agreement. We can’t record that right now. If you’re selling the house, we can’t record the sale of your home. If you’re trying to get a marriage license, it’s not going to happen right now,” he said.

Ransomware Group Claims Responsibility

The Royal ransomware group has claimed responsibility for the attack and requested a ransom to decrypt information, but Alcorn has declined to share the amount that was requested.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.