The Warren County Sheriff’s Office is currently investigating a cyber attack that resulted in the unauthorized access and theft of personal data belonging to employees and their relatives. In response to the breach, the agency has coordinated with federal authorities and cybersecurity experts to secure their network and provide credit monitoring resources to those affected.
The security incident was first identified on December 20, 2025, when suspicious activity was detected within the sheriff’s office computer network. Upon discovery, the department immediately launched a forensic investigation involving external cybersecurity consultants to stabilize the system and determine the full extent of the intrusion. Federal law enforcement agencies were also notified to assist with the criminal aspect of the breach.
As the investigation progressed, authorities confirmed that unauthorized actors had successfully gained access to the internal network. During this period of access, the cyber criminals managed to copy and remove a variety of sensitive data files from the department's servers. This prompted a comprehensive review of the compromised information to identify every individual whose privacy had been jeopardized.
The data removed during the attack contained highly sensitive personal identifiers that vary depending on the specific individual. Among the compromised records were full names, Social Security numbers, driver’s license information, and health insurance identification numbers. Because of the nature of this data, the sheriff’s office has begun the process of notifying those impacted to warn them of potential identity theft risks.
To mitigate the damage, Sheriff Brett Hightower stated that the office is providing notification letters that include access to free protective resources. These documents offer guidance on contacting credit reporting agencies, the Federal Trade Commission, and the Kentucky Attorney General. The sheriff emphasized that maintaining the confidentiality of personal information is a top priority and that the agency is committed to supporting those whose data was stolen.
Moving forward, the sheriff’s office plans to implement more robust internal processes and technical tools to prevent similar security failures in the future. The agency is currently evaluating its entire network infrastructure to make necessary security upgrades while continuing to monitor for any further signs of malicious activity. The investigation into the source of the attack remains active and ongoing.
Source: WCSO Investigating Cyber Attack Targeting Its Computer Network