Dallas County experienced a cybersecurity incident this month that affected parts of its network, an official confirmed on Monday.
In a statement to Recorded Future News, Dallas County Judge Clay Lewis Jenkins said that there is an ongoing investigation into the incident following claims by a ransomware gang that emerged over the weekend.
“On October 19, 2023, Dallas County became aware of a cybersecurity incident affecting a portion of its environment. We immediately took steps to contain the incident and engaged an external cybersecurity firm to conduct a comprehensive forensic investigation,” Jenkins said.
[…]
On Saturday, the Play ransomware gang posted the county to its leak site, claiming to have stolen an undisclosed amount of data, which it threatened to leak by November 3.
The group was behind the devastating attack on the government of Oakland, California — which left the city paralyzed for weeks and exposed troves of sensitive information about city residents, government officials and the local police department.
Jenkins, the Dallas County judge, said the county had brought in outside experts for help.
“Our foremost priority is the safety and security of our employees, the residents, and the public we serve. We have put in place stringent security protocols to safeguard our systems and data and are collaborating closely with our external cybersecurity specialists and law enforcement to address this situation,” he said.
“As the investigation is still ongoing, we do not want to make premature assumptions about the extent of impact or other details, which may evolve as the forensic investigation advances.”
Jenkins added that the County will provide updates once more information is available.
That story also has some details about the City of Dallas ransomware attack, for which recovery efforts are still ongoing. WFAA adds on.
Jenkins said the county became aware of an incident affecting “a portion of its environment” on Oct. 19, and said the county both immediately took steps to contain it and engaged an outside cybersecurity firm to start an investigation into the breach.
“Our foremost priority is the safety and security of our employees, the residents and the public we serve,” Jenkins said in the statement. “We have put in place stringent security protocols to safeguard our systems and data and are collaborating closely with our external cybersecurity specialists and law enforcement to address this situation.”
The investigation is still ongoing, Jenkins said.
No details regarding the extent of the impact have been released as they may evolve during the advancement of the investigation, the statement said.
[…]
WFAA also spoke with Dallas County Senior Sgt. Christopher Dyer Monday. Dye is the president of the Dallas County Sheriff’s Association and worries hackers could have access to his and other county employee’s financial records.
“At this point we know very little and that’s the part that concerns us the most,” Dye said. “We really want Dallas County to be more forthcoming with information, let us know if our personal information has been released, and if so, we’d like them to sponsor some kind of credit monitoring. Personally, I’m very concerned about it. As soon as this interview is over, I’m gonna go lock down my credit.”
I’m sure there will be more details soon. I write about this stuff because I’m worried about it happening here. I’m sure we have good cyber people at City Hall and in Harris County, but all it takes is one click on a phishing email attachment or link that isn’t detected and contained in a timely fashion. If something like this does happen, it’s our personal data that will be exposed. I’m just trying to raise awareness. KERA has more.
Pingback: Dallas County says it successfully defended itself against that cyber attack | Off the Kuff