A ransomware group called Qilin yesterday took credit for a March 2026 cyber attack on the local government of Rusk County, Wisconsin.
Rusk County officials said they experienced a “cybersecurity incident” in early March. The incident is still under investigation.
Qilin claimed responsibility for the attack on its data leak website on April 21, 2026. The ransomware group has taken credit for a large number of high-profile data breaches in the past few years.
Rusk County has not acknowledged Qilin’s claim and Comparitech cannot independently verify it. We do not know what data was compromised, if the county paid a ransom, how much Qilin demanded, or how attackers breached the county’s network. Comparitech contacted Rusk County officials for comment and will update this article if they reply.
This isn’t the first time that a ransomware group said it hacked Rusk County. In November 2025, the county suffered a three-day IT outage that was claimed by the Lynx ransomware gang the following month.
Who is Qilin?
Qilin is a ransomware gang that began claiming responsibility for attacks on its data leak site in late 2022. Based in Russia, Qilin mainly targets organizations with phishing emails to spread its ransomware. The group runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms.
Qilin has taken credit for 411 ransomware attacks in 2026 to date. Of those, 27 of the targeted organizations confirmed the attacks.
The attack on Rusk County is Qilin’s fourth against a government entity confirmed this year. The others are:
- Tulsa International Airport (OK) reported a January 2026 data breach
- CONPET S.A. (Romania) reported a February 2026 data breach
- Seal Beach (CA) reported a March 2026 data breach
Ransomware attacks on US government
Comparitech researchers have logged 16 confirmed ransomware attacks on US government entities in 2026 so far.
Earlier this month, Winona County, MN reported a cyber attack earlier this month. Like Rusk County, this is Winona County’s second potential ransomware incident.
Suffolk, VA earlier this week began issuing data breach notices (PDF) to 53 victims of a February 2026 data breach. The attack was claimed by the Cloak ransomware group.
Ransomware attacks on government entities can both steal data and lock down computer systems. They can disrupt any number of government systems from bill payments to court records and even emergency dispatch. Governments must pay a ransom for the stolen data and to restore systems, or else they face extended downtime, permanent data loss, and putting data subjects at increased risk of fraud.
About Rusk County, WI
Rusk County is home to more than 14,000 people in northwestern Wisconsin. The county seat and largest city is Ladysmith.
