“WE WERE HIRED BY THE STATE!” — Government Hackers Break Into A Courthouse For A Security Test, Unaware The Furious Sheriff Was Waiting To Instantly Put Them In Cuffs!

In an unbelievable twist of bureaucratic incompetence and overzealous law enforcement, two cybersecurity professionals were arrested for “burglary” at a courthouse they were hired to test — all while carrying authorization letters from the Iowa Judicial Branch. This is the story of Justin and Gary, contracted by the state to probe courthouse security, only to become victims of a petty, vindictive sheriff who ignored facts, contracts, and common sense.

The operation was meticulously planned. The Iowa Judicial Branch had retained the cybersecurity firm Coalfire to perform red team penetration testing on multiple courthouses, including the Dallas County Courthouse, between September 8 and 13, 2019. Their mission: simulate realistic attacks to uncover vulnerabilities, including lock-picking, RFID bypass, and physical entry after hours. Every step was authorized, documented, and approved by the state judicial authorities. Justin and Gary carried letters of authorization, rules of engagement, and contact information for state officials — essentially a “get out of jail free” credential to avoid misunderstandings with local law enforcement.

On the night of the test, everything was proceeding according to plan — until Sheriff Chad Leonard of Dallas County arrived. Before Leonard’s arrival, the contractors had coordinated with deputies on site, verified their identity, and explained their mission. Bodycam footage shows cordial and professional interactions with Deputies Sanchez, Marchant, Vanderly, and Hawk. There was no threat, no criminal intent, and no disruption. The hackers were cooperative, presenting identification and paperwork confirming they were contracted to test security. Everything checked out — until the sheriff’s ego entered the scene.

Leonard arrived at 12:56 a.m., furious that the courthouse had, in his view, been “invaded” without his prior approval. Despite having no legal basis to contest the contractors’ authorization, he immediately ordered their arrest, ignoring both documentation and common sense. Deputy Marchant and others expressed concern, noting that the contractors had been compliant and professional, but Leonard insisted, “Cuff them,” turning a legitimate security test into a criminal incident.

Justin and Gary were arrested at the courthouse, handcuffed, and taken to the county jail. Their belongings, including laptops and security tools, were seized. They were booked and held for approximately 20 hours, initially on $5,000 bonds, later increased to $50,000 each at the bond hearing. The charges? Burglary in the third degree and possession of burglary tools — crimes that were entirely fabricated given the contractors’ legal authorization to access the premises.

The absurdity of the situation is compounded by Leonard’s continued public misrepresentation. Despite being fully aware that the contractors were hired by the Iowa Judicial Branch, he claimed they were “burglars” and “acting like terrorists,” even describing them as wearing ski masks — a claim directly contradicted by video footage. These false statements were disseminated in local media, spreading panic and confusion about what had actually occurred.

For six months, Justin and Gary were entangled in legal limbo. The county prosecutor initially refused to dismiss charges, despite the contractors’ indisputable authorization and cooperation. Both were effectively scapegoats in a turf war between county and state authorities, their freedom held hostage to bureaucratic pride. The sheriff’s personal affront over perceived disrespect from the state fueled the protracted ordeal, creating a Kafkaesque scenario in which innocent, law-abiding professionals were treated as criminals.

Eventually, the charges were dropped just one day before trial. This decision came only after relentless advocacy and presentation of the authorization documents proving the legality of the contractors’ actions. The six-month ordeal left Justin and Gary financially and emotionally strained, highlighting the real-world consequences of unchecked law enforcement authority.

Following the dismissal, the contractors filed a civil rights lawsuit against Dallas County. The litigation, which took years to resolve, culminated in a settlement of $600,000, reimbursing the contractors for wrongful arrest and the undue hardship imposed upon them. The case illustrates not only the personal toll of bureaucratic ego but also the fiscal cost to taxpayers when local officials prioritize pride over procedure and law.

Beyond the personal impact, the incident exposed systemic flaws in both state and county protocols. While the Iowa Judicial Branch had meticulously authorized and documented the security test, local law enforcement was not adequately informed, nor were there standardized procedures to prevent such miscommunication. Leonard’s decision to ignore verification and proceed with arrests underscores the dangers of centralized power without accountability.

The case also has broader implications for cybersecurity operations in government settings. Red team exercises, such as those conducted by Justin and Gary, are essential to uncover vulnerabilities in sensitive institutions. Arbitrary interference by local authorities — as seen with Sheriff Leonard — not only endangers the professionals involved but compromises the integrity and safety of the security testing process itself. Post-incident, the state and contractors emphasized the importance of clear communication channels between law enforcement and cybersecurity teams to prevent similar crises.

Community and professional reactions were unanimous in condemning the sheriff’s actions. Cybersecurity professionals, legal analysts, and civil rights advocates highlighted the danger of subjective enforcement of authority. The contractors’ work was necessary, lawful, and carefully controlled, yet personal animosity and bureaucratic pettiness transformed it into a near-criminal event. The $600,000 settlement, while financial restitution, cannot fully compensate for the emotional strain, reputational harm, and professional risk incurred.

The event also became a cautionary tale about institutional overreach. It underscores the need for explicit protocols when contractors perform security testing in sensitive government facilities. Clear documentation, prior notification, and a recognition of authority hierarchies are essential. Additionally, it highlights the risks of individual actors overriding procedural safeguards, as Leonard’s unilateral decision to arrest the contractors demonstrates.

In conclusion, the Iowa courthouse incident is a rare but compelling example of how bureaucratic pride and law enforcement overreach can threaten innocent individuals performing legitimate work. Justin and Gary’s ordeal, from cooperative engagement to wrongful arrest and protracted legal battles, reveals the fragility of accountability when personal ego supersedes law. Their eventual vindication and settlement provide closure but also serve as a warning: without transparency, communication, and adherence to legal authorization, even the most mundane security operations can descend into chaos.

Closing Note:
Part 2 will examine the aftermath of the civil lawsuit, including policy reforms within Dallas County, procedural safeguards introduced for future red team exercises, and continued advocacy to protect cybersecurity professionals from similar abuse. The saga promises further insights into how bureaucratic failure and personal vendettas can endanger both innocent professionals and public security.