Security Experts:

Connect with us

Hi, what are you looking for?



‘Coordinated’ Ransomware Attack Hits 23 Towns in Texas

A ransomware attack hit 23 local government entities in Texas last week, the Texas Department of Information Resources (DIR) has revealed.

A ransomware attack hit 23 local government entities in Texas last week, the Texas Department of Information Resources (DIR) has revealed.

The attack was observed on the morning of August 16 and appears to have been launched by a single threat actor, the DIR announcement reads.

The State Operations Center (SOC) was activated soon after the attack reports started to come in, and DIR says that all of the entities that were actually or potentially affected appear to have been identified and notified.

A total of twenty-three entities have been confirmed as impacted so far, and the responders are working on bringing the affected systems back online.

While the current focus is on recovery, the responders are also investigating the origin of the attack, although no information on the threat actor behind it has been revealed so far.

“The State of Texas systems and networks have not been impacted,” DIR revealed.

DIR and numerous other agencies have deployed resources to support the affected entities, including the Texas Military Department, Texas Division of Emergency Management, the Texas A&M University System’s Security Operations Center/Critical Incident Response Team, and the Texas Department of Public Safety, among others.

While no details have been provided to date on the ransomware used as part of the attack, ZDNet suggests it could be a malware family that encrypts files and renames them with the .jse extension.

The threat has been around for at least a year, standing out in the crowd because it does not leave a ransom note behind.

The Texas ransomware attack comes only a month after Louisiana schools were targeted in similar malware assaults, prompting Gov. John Bel Edwards to issue an emergency declaration.

Also last month, LaPorte County in Indiana reportedly paid cybercriminals over $130,000 after having its systems infected with Ryuk, a piece of ransomware that prompted Jackson County in Georgia to pay a $400,000 ransom.

Related: Louisiana Schools Suffer Cyberattacks Ahead of Year’s Start

Related: Indiana County Pays $130,000 in Response to Ransomware Attack: Reports

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack