HomeData BreachData of 200,000 uncovered in 2023 ransomware assault

Data of 200,000 uncovered in 2023 ransomware assault

Dallas County is notifying over 200,000 those that the Play ransomware assault, which occurred in October 2023, uncovered their private information to cybercriminals.

Dallas County is the second largest county in Texas, with over 2.6 million residents.

In October 2023, the Play ransomware gang added Dallas to its extortion portal on the darkish internet, threatening to leak information it stole throughout an assault on its programs, together with personal paperwork from numerous departments.

Dallas acknowledged the incident through a press release on its website a couple of days later and guaranteed the general public they had been reviewing the leaked information when Play revealed it in early November.

Because the leaked information overview took a variety of time and folks had been involved, Dallas arrange a devoted name middle in January 2024.

Yesterday, Dallas County posted an replace in regards to the incident on its web site and despatched data breach notices to 201,404 impacted people, together with Dallas residents, staff, and others who interacted with its public providers.

See also  Electronic mail addresses of 15 million Trello customers leaked on hacking discussion board

The varieties of information confirmed to have been uncovered differ per particular person and embody the next:

  • Full identify
  • Social Safety quantity (SSN)
  • Date of delivery
  • Driver’s license
  • State identification quantity
  • Taxpayer identification quantity
  • Medical data
  • Medical insurance data

These whose SSNs and taxpayer identification numbers had been uncovered will obtain two years of credit score monitoring and identification theft safety providers.

In response to the breach, Dallas County has carried out a number of security-strengthening measures on its networks, together with deploying Endpoint Detection and Response (EDR) options throughout all servers, forcing password resets, and blocking malicious/suspicious IP addresses.

Dallas’ cybersecurity struggles

Dallas County and the Metropolis of Dallas have each handled a number of damaging cybersecurity incidents not too long ago.

In November 2023, a Dallas County worker fell sufferer to a social engineering assault by enterprise e-mail compromise (BEC) scammers and despatched a fraudulent fee of $2,400,000.

In Could 2023, the Metropolis of Dallas suffered a breach from Royal ransomware, which compelled it to take offline elements of its IT infrastructure, together with police communications.

See also  Hacker claims Large Tiger data breach, leaks 2.8M data on-line

BleepingComputer discovered on the time that Royal was printing ransom notices on the Metropolis’s printers, which had fallen below the attackers’ management.

It was later established that Royal operators leveraged stolen account credentials to take care of entry to the compromised programs between April 7 and Could 4, throughout which they exfiltrated over 1 TB of information.


- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular