DALLAS — Data allegedly from the hot cyber attack on Dallas County methods has been posted on-line, county officers showed on Tuesday.
Dallas County Judge Clay Jenkins stated officers have been “aware of an unauthorized party posting data claimed to be taken from our systems in connection with our recent cybersecurity incident.”
Jenkins stated county officers have been “thoroughly reviewing the data in question to determine its authenticity and potential impact.”
It wasn’t but transparent what explicit data was once accessed or posted.
The ransomware cybercrime group referred to as “Play” claimed duty and had threatened to expose personal county paperwork on Nov. 3.
Jenkins had launched a remark on Oct. 30 confirming {that a} cybersecurity attack affected the county’s methods previous that month. Jenkins stated the county changed into conscious about an incident affecting “a portion of its environment” on Oct. 19, and stated the county each instantly took steps to comprise it and engaged an outdoor cybersecurity company to begin an investigation into the breach.
Dallas County shared in an replace final week that, because of containment measures, the data exfiltration from the county’s surroundings was once interrupted, combating any encryption of its information or methods. County officers stated the incident perceived to were successfully contained, in part because of applied safety features – together with in depth deployment of an endpoint detection and reaction device, forcing password adjustments for all the methods’ customers, requiring multi-factor authentication and blockading ingress and egress site visitors from IP addresses discovered to be malicious.
Here was once Jenkins’ complete remark from Tuesday, when the data was once allegedly leaked:
“Dallas County is conscious about an unauthorized celebration posting data claimed to be taken from our methods in reference to our fresh cybersecurity incident. We are recently within the strategy of completely reviewing the data in query to resolve its authenticity and possible affect.
We perceive the troubles that such an incident would possibly lift amongst our citizens, workers, and companions. We need to guarantee everybody that we’re taking this topic severely. Our best precedence is the protection and privateness of all people related to Dallas County.
Our investigation into the incident stays ongoing and we proceed to paintings carefully with regulation enforcement and our cybersecurity mavens to deal with this case. As the investigation progresses, when our evaluation determines non-public information has been concerned, we will be able to notify the affected people without delay.
We are dedicated to transparency and can supply updates as extra information turns into to be had. All updates shall be posted to this webpage. We inspire you to discuss with it continuously. Moreover, we inspire everybody to discuss with the Federal Trade Commission’s website online at https://client.ftc.gov/options/identity-theft. This useful resource supplies precious information on the right way to safeguard non-public information.
We sincerely admire your working out and endurance as we navigate via this case.”
Play is the same group that took credit for a ransomware attack on the city of Oakland, Calif., earlier this year. That attack was so severe it triggered a local state of emergency after personal financial information was leaked online.
Oakland Councilmember Noel Gallo told WFAA the recovery process lasted months, becoming a challenging and costly obstacle for the city.
“They had get right of entry to to all of our information. From banking information to house bills, they’d an entire package deal,” Gallo said. “My telephone and my laptop machine did not paintings for months.”
Gallo said the cybersecurity attack in Oakland affected the city’s retirees and current employees.
The cybersecurity attack on Dallas County is just the latest breach on local North Texas governments in 2023.
In early May, the City of Dallas suffered a ransomware attack that crippled city systems for months and exposed information related to more than 30,000 people connected to the system.
In late June, the City of Fort Worth announced that it suffered a data breach of its own systems and that internal city information was posted online. Unlike the City of Dallas attack, Fort Worth officials said they believed the information acquired by their hack was “no longer delicate in nature.”
Major North Texas employers American Airlines and Southwest Airlines have additionally persisted primary cyberattacks this yr. In the ones cases, non-public information for greater than 8,000 candidates to change into pilots on the airways was once stolen when hackers broke right into a database maintained via a recruiting corporate in Austin in April.
More Texas headlines:
[/gpt3]