NPR for North Texas
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

After ransomware attack, Tarrant County's chief appraiser visits cities to face questions

Joe Don Bobbitt, Chief Appraiser for the Tarrant County Appraisal District, spoke to the Watauga City Council Monday, May 13 in the first of several planned city presentations following a ransomware attack in March.
City of Watauga
Joe Don Bobbitt, Chief Appraiser for the Tarrant County Appraisal District, spoke to the Watauga City Council Monday, May 13 in the first of several planned city presentations following a ransomware attack in March.

Following a ransomware attack that compromised the information of about 300 people, Tarrant County's top appraiser is visiting local government entities to give insight into how the district will fix its security issues.

In the first of those meetings, Chief Appraiser Joe Don Bobbitt met with the Watauga City Council May 13 to give an update on the attack. Bobbitt, who was named chief appraiser in December, told council members that Watauga was the first city on a "tour" the Tarrant Appraisal District plans to make to hear concerns or comments.

"I was hired to improve relationships with entities and our taxpayers, and so that's part of the reason why I'm here tonight," Bobbitt said during the council meeting.

Bobbitt also visited the Keller City Council May 21 and spoke during Fort Worth ISD's public comment section on May 28, though the board could not respond since his presentation was not an agenda item.

In a statement, he said he plans to visit with the Haslet City Council Monday, Saginaw City Council Tuesday, Haltom City Council June 10, Lakeside City Council June 13, and Dalworthington Gardens City Council June 20.

During his speech to the Watauga City Council, Bobbitt told council members that the appraisal database was "not actually compromised" but hackers affiliated with the group Medusa did break into the district's servers. Although 98% of its data was backed up properly, TAD staff found some things that were not backed up, he said.

TAD's board of directors authorized the district to buy new software and hardware to try to fix the security issues, with a goal to move to a cloud-hosted system, he added.

"We have equipment and services and software that is 10-to-15 years old in most cases, and so a lot of things are out of firmware and is no longer supported, the machines are no longer supported," Bobbitt said. "We're well beyond the life of most equipment, and it was essentially a vulnerability."

The ransomware attack was the second confirmed attack in recent years, with the first dating back to October 2022.

Ultimately switching to a cloud service could be more secure, according to Jingguo Wang, an information systems professor at the University of Texas at Arlington. Adopting a cloud system would also require fewer resources because it don't have to deal with a physical infrastructure, which could save the district money.

While the district would still be responsible for securing data and transferring it to a cloud system, the cloud provider like Amazon or Google would take on the responsibility of keeping the cloud secure.

"I would say reasonably, it could be more secure, and reasonably going to save them some cost of managing, or maintaining, the security of the physical infrastructure," he said.

Bobbitt said as much during the Watauga council meeting, but Council Member Andrew Neal balked at the idea, saying it could also be more expensive to contract with services like Microsoft Azure or Amazon Web Services.

"I don't sit there and like hearing 'cloud' as a magic word," Neal said. "I mean, it's a magic word for spending a lot of money."

Neal, who has a background in cyber security, told KERA that a cloud system can be less secure than an on-premises system if it's not set up correctly.

This is not the first year that security has been an issue at TAD. The district also had a data breach in 2022. Similar to this year, unpatched web servers were one of the reasons for the data breach two years ago.

"It reflects in this attitude of security as an afterthought when it should be actually on everybody's foremost thought," Neal told KERA.

Cal Wood, the district's former head of information systems, was fired and former chief appraiser Jeff Law resigned following the breach.

Wood was fired after a Fort Worth Star-Telegram inquiry revealed a recording that captured him telling coworkers he supported creating a "false narrative" for the media about TAD’s tech issues. Law resigned days later, following a vote of no confidence by Tarrant County commissioners.

When asked by Neal about how the hackers were able to get into TAD's systems, Bobbitt stopped short of revealing the details for security reasons. A report of how hackers were able to get into the system would be a "road map" for the best way to attack the district, he said.

But Neal said understanding what happened was important for accountability.

"If we're looking at and we're seeing the county adopting these really crazy poor practices and security, and it's got my data, it's got the mayor's data, it got all of our data on there, and it's not secured," Neal said, "it just, it calls into question about responsibility."

Got a tip? Email Megan Cardona at

KERA News is made possible through the generosity of our members. If you find this reporting valuable, consider making a tax-deductible gift today. Thank you!

Megan Cardona is a daily news reporter for KERA News. She was born and raised in the Dallas-Fort Worth area and previously worked at the Fort Worth Star-Telegram.