|
Getting your Trinity Audio player ready...
|
by ANDY FANCHER
***
Spartanburg County employees say the government network is facing what they describe as “deliberate attacks” from an unknown source — or sources — despite recent investments in cybersecurity upgrades.
Backed by dozens of internal emails obtained by FITSNews, one employee said the county network has been “besieged” by almost daily phishing attempts, unexplained outages and lingering damage from a 2023 cyberattack that wiped out years of government records.
Those emails reference at least three separate disruptions in recent weeks — an unexplained outage in July, a confirmed “cybersecurity incident” last week and another wave of employees unable to access county computers on Wednesday.
“We’re not sure who’s behind all these events,” an employee said, adding the latest round of coinciding technical issues appear to have briefly affected computers at the county administration office, the clerk of court’s office and the S.C. seventh circuit solicitor’s office.
While any direct link remains unconfirmed, an email provided to FITSNews shows that a phishing message referencing a “county team” was in at least some county inboxes that morning.
Whether anyone took the bait remains unclear…
***
?? SPARTANBURG COUNTY EMPLOYEES WARN OF ESCALATING CYBERATTACKS
— Andrew Fancher (@RealAndyFancher) August 14, 2025
Spartanburg County employees say the government network is facing what they describe as “deliberate attacks” from an unknown source — or sources — despite recent investments in cybersecurity upgrades.
Internal… pic.twitter.com/RBqnL2T77I
***
Wednesday’s problems followed an early August ransomware attack that, according to internal emails, disrupted “some online services,” including Munis — the county’s financial management system used for payroll, budgeting and other monetary functions.
“Currently only select people within the county have access to Munis,” the county’s communications manager wrote to all employees last Thursday. “We are unsure when others will have access, but you will be notified by IT once that happens.”
Multiple emails sent to county staff this week confirm the purchasing department is continuing to “encounter issues” with Munis, delaying “purchasing requests” for the county.
Employees say this is part of a long-running pattern, with one noting, “(Munis) goes down all the time,” with no explanation as to why.
Another system reportedly under siege is OnBase, the county’s central archive for scanned legal documents, case histories, contracts, marriage licenses and other departmental records — a platform described as “essential” to daily county operations.
Earlier this month, an interdepartmental email marked “high importance” warned staff to “be aware” of OnBase login failures, attaching a screenshot showing the employee’s credentials flagged as either “incorrect” or “locked.”
An additional email from the county’s IT director, sent earlier this summer, urged all employees to avoid opening a message from someone posing as a criminal investigator with the scandal-scarred Spartanburg County Sheriff’s Office (SCSO).
“If you received an email from Mike Mironenko around 6 p.m., please do not open or click the links,” the IT director wrote. “If you have, and have not already talked to Chris Lawson, please let me know via email.”
***
RELATED | SLED CASE REPORT LISTS CHUCK WRIGHT AS SUSPECT
***
“These phishing emails are targeting employees daily,” a county employee told FITSNews. “Not every employee receives the same phishing email… some receive them, others don’t.”
The county’s latest cyber problems echo a major breach from more than two years ago…
In April 2023, Spartanburg County announced it had “detected and responded” to a ransomware attack on its computer networks, notifying state and federal authorities and hiring a nationally recognized digital forensic firm (.pdf).
While officials stopped short of detailing the full scope of that breach, an SCSO deputy employed during the incident described a far more severe scenario — an “overnight attack” that spread across their network, encrypting sheriff’s office files with a .medusa extension.
“If it was hooked up to the internet, it was infected with the medusa file,” the deputy told FITSNews. “Even external hard drives.”
The deputy, who says they witnessed the aftermath firsthand, claimed SCSO was likely caught up in the attack as “collateral damage” and that hackers demanded roughly $2 million in ransom.
While it remains unclear whether that alleged ransom was paid, sources claim “everything” stored locally at SCSO was lost — with “everyone’s information” sold on the dark web and several deputies falling victim to identity theft.
“But of course, the county didn’t tell that to the public,” the deputy said.
At the other end of the county, a probate judge said in a post-attack statement (.pdf) that records entered into their database between January 2014 and April 2023 — nearly a decade’s worth — were lost to the incident.
More than two years later, efforts to rekey those records still appear to be underway.
“I just wonder if there is corruption at the center,” a county employee reflected this week. “It’s all just too coincidental.”
The latest wave of reported disruptions comes as Spartanburg County prepares for a closely watched sheriff’s race, with a runoff between Bill Rhyne and Rusty Clevenger set for Tuesday, August 19.
This story may be updated.
***
ABOUT THE AUTHOR…
Andrew Fancher is a Lone Star Emmy award-winning journalist from Dallas, Texas. Cut from a bloodline of outlaws and lawmen alike, he was the first of his family to graduate college which was accomplished with honors. Got a story idea or news tip for Andy? Email him directly and connect with him socially across Twitter, Instagram and Facebook.