Ransomware victim disclosure
← All victimsRusk County, Wisconsin
listed as ruskcountywi.us · Claimed by Lynx · listed 7 months ago
Status timeline
- ListedDec 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Lynx
- Status
- Data leaked
- Country
- United States
- Sector
- Public Sector
- Listed on leak site
- Dec 23, 2025
About the victim
AI dossier — public-source company profileRusk County is a local government entity headquartered in Ladysmith, Wisconsin. It provides a range of public services to residents of Rusk County, including airport operations, ambulance/emergency medical services, and court systems, among other county departments.
- Industry
- County Government & Public Services
- Address
- Ladysmith, Wisconsin, United States
Attack summary
Severity: high — The victim is a county government operating critical public services including ambulance/emergency medical services and court systems. A data_published status indicates confirmed exfiltration and public release of data, which likely includes PII and sensitive government records affecting residents.The Lynx ransomware group claims to have attacked Rusk County, Wisconsin, with the disclosure status indicating data has been published. No specific data volume or ransom amount was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- County government records
- Public services operational data
- Court system records
- Emergency services data
- Airport operations data
What the group claims
Rusk County, Wisconsin is a community that provides services such as an Airport, Ambulance Services, Court Systems and other departments that service the community of Rusk County. Headquartered in Ladysmith, Wisconsin.
Sources
Source
Indexed 7 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

