Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Attackers Demand Millions in Texas Ransomware Incident

The cybercriminals behind the recent ransomware incident that impacted over 20 local governments in Texas are apparently demanding $2.5 million in exchange for access to encrypted data.

The cybercriminals behind the recent ransomware incident that impacted over 20 local governments in Texas are apparently demanding $2.5 million in exchange for access to encrypted data.

The incident took place on August 16, when 23 towns in Texas revealed they were targeted in a coordinated attack to infect their systems with ransomware. The State Operations Center (SOC) was activated soon after and all of the impacted entities were quickly identified.

Although it initially said that 23 local governments appeared affected, the Texas Department of Information Resources (DIR) has since revealed that only 22 towns suffered following the attack. Responders have engaged with all of them to assess the impact of the attack.

“More than twenty-five percent of the impacted entities have transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual,” the DIR revealed in an update.

While the investigation into the attack continues, DIR says that evidence continues to suggest that a single threat actor was behind it. However, it did not provide additional details on the incident.

City of Borger was one of the victims, with its business and financial operations and services impacted by ransomware, although basic and emergency services continued to be operational.

“Currently, Vital Statistics (birth and death certificates) remains offline, and the City is unable to take utility or other payments. Until such time as normal operations resume, no late fees will be assessed, and no services will be shut off,” the city said earlier this week (PDF).

City of Keene was also affected, being unable to process utility payments.

Advertisement. Scroll to continue reading.

In both cases, no customer credit card or other personal information appears to have been impacted by the incident.

While authorities have yet to reveal any details on the attackers’ demands, Keene Mayor Gary Heinrich revealed that the hackers were apparently asking for a collective ransom of $2.5 million to unlock the encrypted files, NPR reports.

Related: ‘Coordinated’ Ransomware Attack Hits 23 Towns in Texas

Related: Louisiana Schools Suffer Cyberattacks Ahead of Year’s Start

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...