Fulton County officials are investigating whether any personal information was leaked during a cyberattack on local government systems in late January.

During a news conference held Tuesday, County Board of Commissioners Chairman Robb Pitts said a dark web site believed to be operated by multinational ransomware gang LockBit 3.0 was disrupted by the FBI and its international allies.

“Today U.S. and U.K. law enforcement are taking away the keys to their criminal operation,” U.S. Attorney General Merrick Garland said in a Tuesday morning press briefing.

The Department of Justice teamed up with the U.K.’s National Crime Agency and multiple other international law enforcement groups to bring down LockBit.

According to the DOJ, LockBit are suspected of being the criminals behind cyberattacks of roughly 2,000 victim agencies, extracting at least $120 million in ransom payments.

Last Tuesday, LockBit 3.0 claimed responsibility for encrypting many of the systems within the Fulton County government – which continues to impact services several weeks later.

The group posted on a dark web portal last week that Fulton County had until 12:47 a.m. on Friday to meet their demands or they would publish sensitive information about state citizens and county agencies.

“Documents marked as confidential will be made publicly available. We will show documents related to access to the state citizens’ personal data,” was written in a post on a dark web page administered by LockBit 3.0.


“After careful consideration and many, many factors, last week the Board of Commissioners decided we could not in good faith use Fulton County taxpayer funds to make a payment,” Pitts said.

Officials said they are conducting a thorough and comprehensive investigation into what exactly was compromised.

“I want to be straightforward with you and transparent. We still do not know,” Pitts said.

County officials said they will alert any resident whose personal information may have been compromised should any leaks be discovered.

Meanwhile, restoration efforts remain ongoing. More than half of government phone lines impacted during the cyberattack are back online, according to officials.

Early voting systems are not believed to be affected at this time, they added.

Reporter Patrick Quinn contributed to this report