Spartanburg County, South Carolina, has finally restored core network services after a debilitating weeks-long outage that left residents unable to access internet-dependent county systems, process payments, or reach officials by phone. The announcement on June 29 marked the end of a protracted disruption that sparked a formal cyber investigation by state authorities, though county officials have remained tight‑lipped about the exact cause.
The outage, which began earlier in June, effectively paralyzed digital operations across one of South Carolina’s most populous counties. Tax payments, permit applications, court records, and even recreation registrations ground to a halt. Phone lines went dead, and county employees were forced to revert to manual processes. The South Carolina Law Enforcement Division (SLED) was called in to assist, underscoring the seriousness of the incident.
While county spokespeople declined to comment on the nature of the event—refusing even to confirm whether ransomware was involved—the length and severity of the outage point to a deliberate attack on the county’s network infrastructure. In similar municipal incidents across the United States, attackers have encrypted servers, exfiltrated sensitive data, and demanded extortion payments. Ransomware groups often target local governments precisely because their IT defenses are underfunded and they cannot afford prolonged downtime.
Weeks of Disruption: What Stopped Working
The impact of the outage rippled far beyond the county administration building. Residents reported being unable to pay property taxes online, forcing them to either pay in person with cash or check (a logistical challenge for many) or risk late fees. The Register of Deeds office, which processes real estate transactions, was unable to search or file documents electronically. This delayed home closings and title transfers, frustrating buyers, sellers, and real estate professionals.
Court operations suffered too. The county’s case management system went offline, making it impossible to look up court dates or file motions electronically. Attorneys and litigants had to rely on what one local lawyer described as “a patchwork of phone calls and paper files.” The county’s 911 dispatch was not affected, but non‑emergency phone lines were down, forcing residents to use alternative numbers or contact state agencies.
Even the county’s parks and recreation registration system was inaccessible, meaning parents couldn’t sign children up for summer camps online—a major inconvenience during the peak season. The outage highlighted how thoroughly modern county services depend on a stable IT backbone.
The Slow Road to Restoration
In a statement issued June 29, Spartanburg County said it had “restored core network services” and was working to bring remaining ancillary systems online. The phrasing—emphasizing “core” services—suggests that full recovery may still be weeks away. County Administrator Cole Alverson thanked residents for their patience and acknowledged the “unprecedented challenge” posed by the incident.
Sources familiar with the restoration effort, speaking on condition of anonymity because they were not authorized to discuss the response, described a painstaking process of rebuilding servers, restoring data from backups, and meticulously scanning systems for lingering threats. Crucially, the county appears to have had usable backups, which allowed it to avoid paying any ransom that might have been demanded—if indeed ransomware was the culprit.
The involvement of SLED’s cybercrimes unit indicates an active criminal investigation. Such probes typically focus on tracing the origin of the intrusion, identifying the threat actor, and gathering evidence for potential prosecution. To date, no arrests have been announced, and federal agencies such as the FBI or CISA have not publicly acknowledged assisting.
A National Epidemic of Municipal Cyberattacks
Spartanburg County is only the latest in a long string of local governments hammered by cybercriminals. In 2022, the city of New Bedford, Massachusetts, paid a $400,000 ransom after suffering a ransomware attack. Dallas, Texas, faced weeks of disruption in 2023 when the Royal ransomware gang infiltrated its systems, affecting police and fire departments. In 2024, Cleveland was forced to shut down city hall for three days following an attack.
Experts say local governments make attractive targets because they hold valuable personal data—Social Security numbers, financial details, health records—yet often lack the cybersecurity budgets and expertise of larger corporations. The shift to remote work and cloud services since the pandemic has expanded the attack surface, giving criminals more entry points.
“We are seeing a perfect storm,” said Brian Donahue, a former state cybersecurity coordinator now consulting with municipalities. “Small and mid‑sized counties are managing critical infrastructure with IT teams that might be two or three people. They’re outgunned. These incidents are going to continue until there’s a fundamental change in how local governments invest in cybersecurity.”
The Cost of Downtime
Beyond the immediate disruption, Spartanburg County will likely face significant financial fallout. The county may incur emergency IT expenses, including bringing in external incident response consultants. There is also potential revenue loss from delayed tax collections and fees. Moreover, if sensitive resident data was exfiltrated, the county could face regulatory fines and class‑action lawsuits.
Insurance coverage will be tested. Cyber insurance policies for municipalities have become substantially more expensive in recent years, with some insurers dropping coverage for entities that cannot demonstrate adequate security measures. It remains unclear whether Spartanburg County carried a policy at the time of the outage or what its coverage limits were.
Residents, too, will feel the sting. Those who had personal data housed by the county—such as employees, benefit recipients, or court‑involved individuals—should monitor their credit reports and account statements for signs of fraud. As of now, the county has not confirmed any data breach, but standard practice after such outages often uncovers that data was stolen.
What Comes Next
With core systems functional again, the county’s focus will shift to forensic analysis, hardening its network, and restoring public trust. County council members have already called for a thorough after‑action report and a review of IT policies. Some community voices are demanding greater transparency about what occurred and what steps will prevent a recurrence.
A public briefing is expected once the SLED investigation concludes its most sensitive work. For now, the county’s digital heartbeat has returned, but the long‑term prognosis for municipal cybersecurity remains grim. Local governments across the country would do well to heed the lesson of Spartanburg County: in an era of relentless cyber threats, prevention is far cheaper than the cure.
As the county resumes full operations, one thing is certain—residents and officials alike will never take for granted the quiet hum of a functioning government server.