May 1, 2026 – This release updates the December 19, 2025 media notice from Mitchell County (the “County”) regarding its October ransomware attack. Mitchell County has completed its investigation and review of impacted County data and will be providing written notice to individuals beginning today. On October 20, 2025, the County detected ransomware on its computer network. As soon as it learned this, the County began working to investigate and determine the scope of the incident. The County also reported this incident to federal law enforcement and worked with nationally recognized third-party cybersecurity and data forensics consultants, the North Carolina Joint Cybersecurity Task Force and other state resources to assist it. As part of the investigation, the County determined that there was unauthorized access to its network between October 16, 2025 and October 20, 2025. During that time, the cyber criminals took certain data from the County network, which included personal information and protected health information. On April 1, 2026, the County completed its review of the impacted County data and began working to provide written notice of this incident. The affected information included name, address, Social Security number, driver’s license or state identification card number, financial account information, medical record number, and other sensitive data.