Dallas County reviewing knowledge leaked by ransomware gang

Dallas County is within the means of reviewing data leaked by a ransomware gang claiming to have attacked the county final month.

In an announcement, Dallas County Choose Clay Lewis Jenkins informed Recorded Future Information that county officers are conscious that the ransomware gang that claimed the assault on their techniques has posted purportedly stolen knowledge.

“We’re at the moment within the means of completely reviewing the info in query to find out its authenticity and potential influence. Our investigation into the incident stays ongoing and we proceed to work carefully with regulation enforcement and our cybersecurity specialists to deal with this example,” Jenkins mentioned.

The Play ransomware gang, which is behind a number of headline-grabbing assaults this 12 months, posted the data it claims to have stolen on Tuesday morning. The gang mentioned it was posting 5 gigabytes of information and would publish extra “if there isn’t a response.” They haven’t mentioned how a lot knowledge was stolen in whole.

#Play has launched knowledge that’s claimed to narrate to #Dallas County. #ransomware #dallascounty 1/2 pic.twitter.com/D0usRlZTcv

— Brett Callow (@BrettCallow) November 7, 2023

Dallas County officers have mentioned they first observed the assault on October 19. The county is the second-most populous within the state of Texas, with 2.6 million residents. It’s house to Dallas, the ninth-largest metropolis within the nation, which has already handled its personal ransomware assault in 2023.

The county offered an replace on November 1 claiming its IT crew “interrupted knowledge exfiltration from its setting and successfully prevented any encryption of its information or techniques.”

“It seems the incident has been successfully contained, partly as a result of measures we’ve applied to bolster the safety of our techniques,” the county mentioned final week.

However in a message posted to its web site on Tuesday, the county acknowledged that residents, staff, and companions are involved concerning the potential for delicate knowledge to be leaked.

“Our investigation into the incident stays ongoing and we proceed to work carefully with regulation enforcement and our cybersecurity specialists to deal with this example,” they mentioned.

“Because the investigation progresses, when our evaluate determines private data has been concerned, we are going to notify the affected people instantly.”

They pledged to supply extra updates within the coming weeks and urged county residents to go to the Federal Commerce Fee’s web site for id theft.

Whereas the county seems to have averted the sort of pricey remediation measures that the town of Dallas spent thousands and thousands on earlier this 12 months, knowledge theft continues to be probably the most damaging features of ransomware assaults.

Emsisoft ransomware skilled Brett Callow famous that of the 73 reported ransomware assaults on native governments this 12 months, 41 concerned knowledge theft.