An online blog post by a group claiming responsibility for Dallas’ ransomware attack says a leak of employees’ personal information and other data stored by the municipal government will happen soon.
In the post Friday, Royal noted the city saying there was no evidence that data from residents, vendors or employees has been released from Dallas servers after the May 3 attack. The hacker group in the post replied that “the data will be leaked soon.”
“We will share here in our blog tons of personal information of employees (phones, addresses, credit cards, SSNs, passports), detailed court cases, prisoners, medical information, clients’ information and thousands and thousands of governmental documents,” the post said. As of Friday morning, no city information has appeared on the website, which lists at least several dozen other organizations the group claims to have taken data from, such as the Lake Dallas Independent School District.
Some of the posts about other organizations are accompanied by links to download files Royal claims to have stolen, but many others have no link.
The Texas Attorney General’s website lists the Lake Dallas Independent School District in its reports of data security breaches as of May 4. It says almost 22,000 Texans were impacted with names, addresses, Social Security information, driver’s license numbers, and financial and medical information among the data affected.
The AG’s office’s website said potential victims were notified by mail, but doesn’t list the name of any person or group responsible for the data breach.
The city of Dallas in a statement Friday said officials were aware of the website post and that personal information hasn’t been exposed.
“We continue to monitor the situation and maintain there is no evidence or indication that data has been compromised,” the statement said. “Measures to protect data are in place.”
See here for the most recent update. This is a bad scenario for Dallas if what the Royal group is claiming is accurate. If they really do have this kind of personal data of various people and they make it public, that’s not only a legal liability for Dallas, it’s also a terrible look for them since they’ve been saying they didn’t think any such data had been exposed. Again, if this is accurate, it means that either they didn’t have a good handle on what had been done by the attackers, or they just weren’t honest about it. Perhaps the attackers are conflating data taken from one breach with data taken from another, in which case it might not specifically be the city of Dallas’ fault, but that won’t be of much comfort to anyone whose data may be involved. We’ll just have to see when it shows up.
If this kind of data does get published, and it can be traced to the city of Dallas attack, then that raises bigger questions about how they did their business and how they responded to the attack. It also raises the stakes for every other government entity in Texas, since at this point Royal has a track record, and the locals aren’t doing enough to defend and protect themselves. I’d consider this a much bigger and more urgent problem than anything the Lege is dealing with right now, but then I don’t get the vapors at the thought of a drag queen or a kid reading “Heather Has Two Mommies”. The Dallas Observer has more.
Meanwhile, even if the personal data question turns out to be less than threatened, there are still other ongoing problems that have no end in sight.
Dallas police are struggling to access physical and digital evidence amid an ongoing ransomware attack that is disrupting trials, according to defense lawyers who are exasperated after more than three months of pervasive evidence storage issues.
The consequences played out Thursday in a murder trial, where a man was found guilty despite evidence being unavailable to jurors or lawyers. Last week, a jury couldn’t reach a unanimous verdict in another murder trial, where police were unable to produce a phone or shell casings.
“It’s the Stone Age again,” said Douglas Huff, president of the Dallas Criminal Defense Lawyers Association.
“This has pretty extensive implications,” he said. “Ultimately, all of this is causing horrendous delays and a clear message is that justice that is delayed is justice that is denied.”
The ransomware attack initiated by the group Royal on the city of Dallas has stretched into a third week, downing several departments. The city has said it could take weeks or months until services are fully restored.
While the county, which administers the courts, is not directly affected, some cases could be paused because electronic evidence catalogs are inoperable, communication is breaking down and internal police share drives and servers are compromised, according to attorneys.
Before the attack, the Dallas Police Department’s digital media evidence team was already sorting through hundreds of murder and capital murder cases to look for deleted digital evidence — an “incredible problem” affecting people accused of crimes, Huff said. That review is now on hold, according to police spokeswoman Kristin Lowman.
Claire Crouch, a spokeswoman for the Dallas County District Attorney’s Office, said Wednesday that it would be impossible to determine whether any cases would be affected by the ransomware attack.
The next day, the office sent out a news release saying prosecutors are working with Dallas police to “mitigate the impact.”
“We understand that timeliness is crucial in maintaining public safety and public trust, and we remain resolute in our dedication to upholding the law and ensuring that cases are filed and prosecuted effectively,” the statement Thursday said.
“We anticipate that the longer this goes on, the greater chance for obligations on the DA’s part will be affected.”
Lowman said city officials are working to bring the police evidence cataloging software back online. Without elaborating, she said police are manually accepting, inventorying and retrieving evidence, and the property unit is locating evidence.
The department did not immediately respond to a request late Thursday afternoon for comment about specific cases cited by defense attorneys as having inaccessible evidence.
Additionally, the city’s municipal courts have slowed to a crawl. According to a notice posted on the Dallas Municipal Court’s website, there will be no court hearings, trials or jury duty for the duration of the outage.
My previous inclinations had been to say that Dallas must be confident in its ability to recover from the attack without paying the ransom. I’m less sure of that now, but even if that is still the case, it’s not so good if the recovery in question takes that long. Degraded services aren’t much better than unavailable services.