A recent ransomware attack on Greenville’s computer network has caused the city to lose access to police databases, utility billing systems, and other city services. City officials said the breach began on August 5 and confirmed that many of the systems remain out of service nearly a month later as recovery work continues.
According to city records, emergency dispatch and 911 services remain intact, but the attack has forced widespread workarounds in the city. However, the Greenville Electric Utility System, or GEUS, has paused late fees and disconnections since customers cannot reach their billing accounts online.
Residents are being asked to make payments in person. According to city officials, any amount paid above what is owed will be rolled into the next bill, while shortfalls will be carried forward.
Residents have also reported intermittent phone outages, according to statements released by the city. Greenville has filed a catastrophe notice with the Texas Attorney General’s Office, delaying the release of public records until systems can be restored.
Officials said about 20 outstanding records requests remain unfulfilled and may not be processed for several weeks, though some could become available as early as next Tuesday.
The attack has prompted Greenville to bring in outside help from cybersecurity experts and law enforcement agencies to assist in recovery. As of today, no ransom demands or stolen sensitive resident data have been disclosed. The city’s focus is on rebuilding access to essential records and restoring daily operations.
The recent attack on Greenville underscores the growing vulnerability of local governments nationwide as cybercriminals escalate their targeting of municipal systems. According to the security firm Emsisoft, more than 117 government entities were hit by ransomware attacks in 2024, with the actual number likely much higher because many incidents go unreported.
Analysts say municipalities are particularly at risk because they often depend on aging technology while operating with small cybersecurity teams. A report earlier this summer found that more than 80 percent of local governments employ fewer than five dedicated cybersecurity staff.
Human error, most often through phishing emails, remains one of the main points of entry. However, training programs have proven to reduce this risk dramatically, lowering susceptibility rates from one-third of employees to fewer than 5% after sustained exercises.
The growing cyber attacks on municipal systems have reached Washington and reignited debates over how to help cities defend themselves. Lawmakers are considering a requirement for ransomware incidents to be reported within 72 hours, a rule that advocates say could enable federal agencies to provide quicker aid and coordination. Some are also pushing for increased federal funding, pointing to the strain cities face as they attempt to maintain critical services with limited resources.
While Greenville’s predicament highlights the costs of falling behind, some experts argue that cities can no longer rely solely on reacting after a breach. This situation is prompting organizations to execute proactive measures like simulated cyberattacks on their own networks or “red team” exercises to expose weak spots before adversaries exploit them.
Cybersecurity specialists say municipalities, in particular, would benefit from such approaches because the stakes involve public safety, financial stability, and residents’ trust in government institutions.
The Greenville ransomware attack is a part of a broader story that carries implications far beyond one Texas community. The apparent truth is, cities of all sizes are increasingly being targeted, and the federal government is under mounting pressure to help local governments prepare before the next wave of attacks arrives.
