Georgia’s largest county government is still repairing damage from an attack by hackers a month ago. The hackers shut down office phone lines, restricted clerks from issuing vehicle registrations or marriage licenses, and threatened to release sensitive data they claimed to have stolen unless officials paid a ransom. The ransomware syndicate LockBit took credit for the attack in Fulton County in late January. Fulton County includes most of Atlanta.

The group demanded payment, threatened to release residents’ personal information, and claimed to have stolen records related to the county’s pending criminal case against former US President Donald Trump. To increase the chances of getting paid, ransomware groups routinely steal data before activating malware. Some cybersecurity experts questioned whether the hackers actually possessed files relating to the trial against Donald Trump. The hacker’s deadline passed on Thursday, less than two weeks after law enforcement agencies in Europe and the US announced they had disrupted LockBit’s operations. After the takedown, LockBit resurfaced on the dark web and renewed its threat against Fulton County. No stolen data was released after the deadline passed, and county officials refused to pay.

Read More: Georgia’s Largest County Is Still Repairing Damage From January Cyberattack