Ransomware gang DragonForce yesterday took credit for a cyber attack on the city of La Vergne, Tennessee.
City officials on October 17, 2025 announced they were investigating a network incident that disrupted computer systems.
DragonForce says it stole 382 GB of data from La Vergne’s government servers. The group gave the town one week to pay an undisclosed amount in ransom, and threatens to release stolen data if the demand is not met.
La Vergne officials have not verified DragonForce’s claim. We do not know what data was compromised, how much DragonForce demanded in ransom, or how attackers breached the city’s network.
“The City of La Vergne is investigating a network incident that has temporarily disrupted certain computer systems. Upon discovery, the City immediately took affected systems offline and engaged cybersecurity professionals and law enforcement to assist with response and recovery. The FBI and TBI are working with us on the investigation,” says the city’s October 17 announcement.
“The City is committed to transparency and will share verified updates as they become available. Essential services, including public safety and water, remain operational.”
Who is DragonForce?
DragonForce is a ransomware gang that first started claiming responsibility for attacks on its leak site in December 2023. It operates a ransomware-as-a-service business in which customers pay to use DragonForce’s malware and infrastructure to launch attacks and collect ransoms. DragonForce often extorts victims twice: once for a decryption key to unlock infected systems, and again in exchange for not selling or publicly releasing stolen data.
Some of DragonForce’s other confirmed attack claims include:
- Strafford County, NH reported a March 2025 data breach that disrupted government systems for over a week
- Belk Department Stores notified victims of a May 2025 data breach
- Ikav Energy notified hundreds of victims of a December 2024 data breach
Ransomware attacks on US government
Comparitech researchers have logged more than 70 confirmed ransomware attacks on US government entities in 2025 to date. Those attacks compromised nearly 450,000 records and came with an average ransom demand of $1.18 million.
The largest such breach was reported by the Pierce County Library System in Washington, which notified about 337,000 people of an April 2025 breach claimed by Inc. The largest ransom demand came from Qilin, which wanted $4 million after it hacked the Cleveland, OH Municipal Court in February 2025.
Last month, the Georgia Superior Court Clerk’s Cooperative Authority says it refused to pay a $400,000 ransom to Devman, which claimed to steal 500 GB of data from the agency.
The village of Golf Manor, OH also reported a ransomware attack last month.
Ransomware attacks on government entities can both steal data and lock down computer systems. They can disrupt any number of government systems from bill payments to court records and even emergency dispatch. Organizations must pay a ransom for the stolen data and to restore systems, or else they face extended downtime, permanent data loss, and putting data subjects at increased risk of fraud.
About La Vergne, Tennessee
La Vergne is a city in Rutherford County, Tennessee. It’s home to nearly 40,000 people in the Nashville metropolitan area.
