Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



No Ransom Paid in Recent Attack, Texas Says

The Texas Department of Information Resources (DIR) says it is not aware of any ransom being paid to recover systems affected by a recent ransomware attack.

The Texas Department of Information Resources (DIR) says it is not aware of any ransom being paid to recover systems affected by a recent ransomware attack.

The incident took place on August 16, when more than 20 Texas local governments reported being infected as part of a coordinated assault. A total of 22 towns were identified as impacted by the attack.

The State Operations Center (SOC) was activated later that morning and, by August 23, all affected entities were already recovering, with business-critical services restored, DIR says.

“By day four, response teams had visited all impacted sites and state response work had been completed at more than 25% of those sites. One week after the attack began, all sites were cleared for remediation and recovery,” DIR said in a statement published on Thursday.

To date, more than half of the impacted cities are back to operations as usual, DIR reveals.

Previous reports suggested that the attackers might have asked for $2.5 million in exchange for the decryption keys that would provide access to the encrypted data, but DIR says no money has been paid to restore impacted systems.

“DIR is unaware of any ransom being paid in this event,” the statement reads.

Advertisement. Scroll to continue reading.

The Department said previously that all evidence suggested that a single actor might have orchestrated the attack, but no additional information on the attacker or the malware used has been provided.

“Information security is everyone’s responsibility. From IT providers to end users, we all must remain vigilant and practice good cyber hygiene practices,” Nancy Rainosek, the CISO of the state of Texas, commented.

The incident is only one of the many reported over the past few years. LaPorte County (Indiana), Jackson County (Georgia), Riviera Beach (Florida), Lake City (Florida), Atlanta, and Baltimore were previously hit by ransomware, and New Bedford is the latest victim of this type of malware.

Related: Ransomware Attack Locks Out New Bedford City Data

Related: U.S. Mayors Pledge Not to Give in to Ransomware Demands

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...