‘Don’t release’: Utah hack reveals murder case details, other sensitive data
Federal and state authorities reportedly are investigating a ransomware attack on a Utah county government that resulted in the leak of more than 2 million files, including sensitive material on a high-profile murder case. Hackers also released jail floor plans, crime scene photos and warrants issued by law enforcement.
A ransomware gang known as Interlock published the data — stolen from Box Elder County, Utah — on the dark web Tuesday. Box Elder County officials did not respond to a request for comment from Straight Arrow News.
The county government announced Aug. 6 it had “experienced a cybersecurity incident,” but it said it was working to ensure that no information had been compromised. A Salt Lake City television station reported that the FBI and Utah’s State Bureau of Investigation were looking into the breach.
On its website, Box Elder County said it would provide “frequent updates.” However, it has released no additional information since Aug. 6. It is unclear whether the county has alerted individuals whose personal data was exposed.
Government entities are frequent targets of ransomware gangs. In late July, a cyberattack against the city of St. Paul, Minnesota, shut down municipal computer systems and prompted state officials to activate a National Guard cybersecurity unit. Interlock later claimed responsibility and published more than 66,000 stolen files. Earlier this month, SAN reported on a data breach at the sheriff’s office in East Baton Rouge Parish, Louisiana. Leaked material included the names, telephone numbers and Social Security numbers of confidential informants in criminal investigations.
An analysis by SAN found that the Utah leak exposed data related to virtually every function of the Box Elder County sheriff’s office, including homicide investigations, the jail, the SWAT team, and investigations by a narcotics strike force. Hackers also released payroll data and other personal information on county employees.
‘Don’t release’
The leaked data contains extensive files on the case of Dylan Rounds, a 19-year-old Box Elder County resident who went missing in May 2022. His disappearance made national news, as did the discovery in April 2024 of his remains in a remote part of the county. A squatter on Rounds’ farm, James Brenner, pleaded guilty to murder last year.
Hackers released details from the investigation, all kept within folders titled “Don’t Release.” The contents included Brenner’s criminal history, lab reports, and photos and correspondence regarding the discovery of Rounds’ skeletal remains.
The case files reveal investigative techniques used in the case, including the extraction of data from Brenner’s cell phone using software from Cellebrite, a digital forensics company from Israel. Documents show investigators collected text messages and material from apps such as Snapchat and Facebook. They also relied on cell phone tower reports that helped detail Brenner’s movements.
Digital keys
The leaked data also includes such sensitive information as login credentials for multiple servers used by the county, as well as login credentials for two Verizon accounts used by the city’s IT department.
Digital certificates that could enable attackers to establish trusted connections with the county’s network and decrypt sensitive data are also exposed.
Court records and contact info
One folder contained hundreds of detailed court records regarding criminal cases between 2015 and 2023.
Another folder lists contact details for law enforcement officers across the state, including those from the Box Elder County Sheriffs Department, Brigham City Police Department, Utah Highway Patrol and Mantua City Police Department.
A disclaimer in red warns not to share any of the officer’s personal cell phone numbers.
Jail videos, photos and phone calls
Extensive files related to the Box Elder County jail and a Utah state prison mention policies about the use of force, restraints, contraband and weapons control, body cavity searches and perimeter security, among other subjects.
Reports from 2016 to 2025 reveal the details of use-of-force-incidents involving corrections officers, along with hundreds of audio and video recordings of interactions between prisoners and corrections officers. Several videos show physical altercations between prisoners.
Photos taken by corrections officers during investigations show an assortment of contraband, including a bedsheet noose used in a suicide attempt. Another image shows a cell covered in blood after an apparent hand injury, while another shows injuries on the back of an inmate’s head following an assault.
The leaked data also shows detailed floor plans of the county jail, receipts for bail bonds from 2015 and emergency procedures for everything from bomb threats, inmate escapes and mass casualty events.
SAN also found the recordings of phone calls made by inmates.
Crime scene photos
A folder titled “DETECTIVES” contains hundreds of images and videos taken during criminal investigations. In one example, a collection of crime scene photos show a deceased man in the cab of a semi-truck.
Others folders hold search warrants and forms filled out by law enforcement on child abuse and neglect, exposing personally identifiable information such as names, addresses, birth dates, telephone numbers and schools attended by children.
Public employee data
Payroll data and personal information on government employees is abundant. Employee files contain commendations, disciplinary reports and evaluations for corrections officers, court security, patrol officers, detectives and more.
In one disciplinary report, a detective was given a verbal warning after “making comments to a female Deputy about her pregnancy, and her husband that were offensive to her.”
Countless other folders contain data related to elections, temporary protection orders, completed marriage license forms and medical information.
Ella Rae Greene, Editor In Chief
