Explore the most impactful and damaging ransomware incidents targeting U.S. local government entities. This ranking details major cyberattacks that have disrupted critical public services, compromised sensitive data, and incurred significant financial costs for cities, counties, and state agencies across the United States. Learn about the scale of these security breaches, their operational consequences, and the challenges faced by municipal and state organizations in combating cyber threats and data encryption.
This widespread incident in late 2025 demonstrated the potential for a single ransomware attack to impact numerous local government entities across the U.S., disrupting critical emergency alert systems. Its broad scope highlights a significant and ongoing vulnerability for 2026.
Occurring in early 2026, this cyberattack on the Anchorage Police Department, stemming from a third-party service provider, exemplifies the growing threat of supply chain attacks. It highlights how critical law enforcement operations can be disrupted by vulnerabilities outside their direct control.
Emergency services were not affected
(+4)
As a very current event from April 2026, this attack on Winona County, the second it faced in the year, demonstrates the increasing frequency and persistence of ransomware threats. It also highlights the critical need for external support, such as the National Guard, in recovery efforts.
Reinforces the critical need to protect urban centers and infrastructure
This 2024 attack by the LockBit ransomware group serves as a prime example of the increasing threat posed by Ransomware as a Service (RaaS) operations targeting local governments. It illustrates a continuing trend that remains highly relevant for cybersecurity concerns in 2026.
Approved $8.5 million budget for system restoration
(+1)
This major 2023 attack significantly disrupted critical city services, including 911 emergency response and permitting processes, while also stealing terabytes of sensitive data. It is cited in 2026 reports as a clear example of the severe scale and consequences of attacks on local governments.
All the rankings you can imagine
Thousands of verified votes to discover the best. Your vote here counts
Similar to the Dallas incident, Oakland's 2023 ransomware attack caused significant disruption to city services and involved the theft of terabytes of sensitive data. It is highlighted in 2026 reports as a cautionary tale regarding the impact on city operations and data compromise.
Strengthening digital defenses
(+3)
This 2023 attack breached Columbus, Ohio's network, with hackers demanding nearly $2 million in ransom. It is cited in 2025 reports as a clear example of ransomware holding critical city data hostage, leading to potential service disruption and significant financial demands.
Sounded a wake-up call for other municipalities and government agencies
This landmark 2019 attack, which cost Baltimore an estimated $18 million and shut down services for months, remains a crucial reference point. It consistently demonstrates the devastating financial cost and prolonged operational disruption ransomware can inflict on large U.S. cities.
Received wide attention due to national importance
(+1)
The 2018 Atlanta ransomware attack paralyzed court systems and utility billing, costing over $17 million to recover. It is consistently referenced as a major incident that highlighted the devastating financial and operational consequences for large U.S. cities, influencing cybersecurity discussions years later.