Dallas County is dealing with a ransomware attack weeks after the commissioners court stressed the importance of cyber security.
Commissioners praised county IT staff during National Cyber Security Awareness Month in October.
Commissioner Theresa Daniel said the commissioners court wanted to recognize the IT department team "for the consistently amazing work they do to keep our system safe."
The team’s technology chief talked about training and adding more protection, like 2-step verification and complex passwords.
And Commissioner Andrew Sommerman joked with the court.
"So Commissioner Price would change his password from, "I love Clay Jenkins emoji heart?'" he quipped.
Two weeks, later no one is laughing.
County Judge Clay Lewis Jenkins said in a statement Monday that officials were notified of a "cybersecurity incident" on Oct. 19. And he said that the county had hired a cybersecurity firm to conduct a comprehensive forensic investigation.
The county announced Tuesday it would post online updates about the incident.
An update posted there stated that once the incident was detected, "we retained cybersecurity professionals to assist in our efforts to contain the threat, investigate the nature and scope of the attack, and enhance our security efforts to reduce the likelihood of recurrence..."
The update said that Dallas County also "interrupted data exfiltration from its environment and effectively prevented any encryption of its files or systems."
It listed several measures taken to "bolster the security of our systems," including password changes for all users to grant access to the county's systems, mandating multi-factor authentication, and "blocking ingress and egress traffic to IP addresses identified as malicious."
"Currently, there is no evidence of ongoing threat actor activity in our environment," the statement continued. Given these measures and findings, it appears at this time that the incident has been successfully contained and that Dallas County's systems are secure for use."
The county's cybersecurity woes came about five months after a May 3 cyberattack that compromised personal information for more than 25,000 Dallas city personnel.
The benefits-related information was maintained by the city's human resources department.
Later that month the hacker group Royal threatened to leak sensitive information via their blog. At the time, city officials released a statement saying they were aware of the threat.
In late June, the Dallas City Council approved a $3.9 million cybersecurity contract, with little discussion. The contract authorized the city manager to pay the consulting group Netsync for “support of a threat and anomaly detection system” for the city’s IT department.
For weeks following that incident, Dallas officials claimed no sensitive information was accessed. But three months later, the city confirmed it had known personnel information was likely compromised as early as June 14.
The data breach included city names, addresses, Social Security numbers, medical information and health insurance information.
The Dallas Central Appraisal District also was the target of a cyberattack about a year ago.
KERA's Megan Cardona contributed to this report.
Got a tip? Email Marina Trahan Martinez at mmartinez@kera.org. You can follow Marina at @HisGirlHildy.
KERA News is made possible through the generosity of our members. If you find this reporting valuable, consider making a tax-deductible gifttoday. Thank you.
