Dallas County, one of the largest counties in Texas, has notified over 200,000 individuals that their personal information was exposed in a ransomware attack carried out by the Play ransomware gang in October 2023.
The Dallas County ransomware attack allowed cybercriminals to steal private documents and data from various county departments. In early November 2023, the Play gang added Dallas to their extortion site on the dark web, threatening to leak the stolen data if their ransom demands weren’t met.
Dallas County acknowledged the ransomware incident on their website shortly after, assuring the public that officials were reviewing the leaked data. However, the process of analyzing the stolen information took considerable time. As a result, Dallas set up a dedicated call center in January 2024 to address residents’ concerns about the delay.
Yesterday, Dallas County published an update on their website and began notifying the 201,404 people confirmed to be impacted by the. The exposed data varied for each individual but included full names, social security numbers, dates of birth, driver’s license information, state ID numbers, taxpayer identification numbers, medical records, health insurance details and more.
Those whose social security numbers and taxpayer IDs were revealed will receive two years of credit monitoring and identity theft protection services from Dallas County. Since the ransomware attack, Dallas has implemented Endpoint Detection and Response solutions, mandated password resets and blocked malicious IP addresses to strengthen network security.
Dallas and Surrounding Areas Dealing with Similar Incidents to Dallas County Ransomware Attack
Unfortunately, this wasn’t the first cybersecurity incident to affect government systems in the Dallas region. In November 2023, a Dallas County employee fell victim to a business email compromise scam, inadvertently transferring $2.4 million to fraudsters.
The City of Dallas also endured a ransomware attack the previous May from the Royal ransomware gang. The hackers were able to access police communications networks after leveraging stolen credentials to maintain access for weeks. Over 1 TB of data was also confirmed to be stolen from city systems.
With the ongoing digital threats faced by Dallas County and related organizations, it’s clear more must be done to protect citizen data and infrastructure from persistent ransomware attackers and other cybercriminals targeting government agencies across Texas and nationwide. The long term impacts of these breaches also remain to be seen.