© 2024 KERA News
News for North Texas
Donate
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

Dallas County investigating 'cybersecurity incident' months after city ransomware attack

KERA | By Megan Cardona
Published October 30, 2023 at 3:45 PM CDT
County Judge Clay Jenkins and Commissioner John Wiley Price at the Dallas County Commissioners Court meeting on Sept. 20, 2022.
Jacob Wells
/
KERA News
Dallas County Judge Clay Jenkins and Commissioner John Wiley Price at the Dallas County Commissioners Court meeting on Sept. 20, 2022. Jenkins confirmed the county was hit by a "cybersecurity incident" five months after a ransomware attack compromised City of Dallas personnel information.

Dallas County on Monday confirmed an investigation into what it's calling a "cybersecurity incident" that hit county systems more than a week ago.

The incident comes about five months after a cyberattack that compromised the personal information of 26,212 Dallas city personnel.

In a statement, County Judge Clay Jenkins said officials were notified of the breach on Oct. 19. The county has enlisted an outside cybersecurity firm to conduct a comprehensive forensic investigation into the incident, he said.

As of Monday, it was unclear who in the county was impacted by the cybersecurity attack or its scope.

"As the investigation is still ongoing, we do not want to make premature assumptions about the extent of impact or other details, which may evolve as the forensic investigation advances," Jenkins said in the statement.

On May 3, the city of Dallas was hit with a ransomware attack by an "unauthorized third party," which impacted benefits-related information maintained by the city’s human resources department.

Later that month the hacker group Royal threatened to leak sensitive information via their blog. At the time, city officials released a statement saying they were aware of the threat.

In late June, the Dallas City Council approved a $3.9 million cybersecurity contract, with little discussion. The contract authorized the city manager to pay the consulting group Netsync for “support of a threat and anomaly detection system” for the city’s IT department.

For weeks following that incident, Dallas officials claimed no sensitive information was accessed. But three months later, the city confirmed it had known personnel information was likely compromised as early as June 14.

The data breach included city names, addresses, Social Security numbers, medical information and health insurance information.

This story has been updated to note the City of Dallas ransomware attack was on May 3.

Got a tip? Email Megan Cardona at mcardona@kera.org.

KERA News is made possible through the generosity of our members. If you find this reporting valuable, consider making a tax-deductible gift today. Thank you.
Tags
Government Dallas CountycybersecurityransomwareGovernment
Megan Cardona
Megan Cardona is a daily news reporter for KERA News. She was born and raised in the Dallas-Fort Worth area and previously worked at the Fort Worth Star-Telegram.
See stories by Megan Cardona
Related Content