Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

October ransomware attack on Dallas County impacted over 200,000 people

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments. Dallas refused to pay the ransom […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information.

In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments.

Dallas refused to pay the ransom and the extortion group leaked the stolen documents in November 2023. Since the publication of the files, Dallas analyzed the document and determined the exact scope of the security breach.

Dallas County is now notifying over 200,000 individuals impacted by the ransomware attack.

“As the County previously shared with its residents and partners, on October 19, 2023, the County became aware of a cybersecurity incident affecting a portion of its environment.  Upon detection, the County promptly took steps to contain the incident and engaged third-party cybersecurity specialists to perform a comprehensive investigation, including to determine what data may be involved.” reads the Cybersecurity Notification Update published by the County. “During the investigation, the County established a dedicated call center for individuals to call should they have any questions relating to the incident and to obtain complimentary credit monitoring services should they have any concerns. The call center continues to be operational as of the date of this notice and will remain open for ninety days. The County recently completed its investigation and determined that certain information related to individuals may be involved.  The specific types of information impacted is detailed further below.

In response to the incident, the County took immediate steps to secure its information. The county deployed an Endpoint Detection and Response (EDR) tool across all servers and endpoints, enforced password changes for all users, and blocked traffic to and from identified malicious IP addresses. The County is investigated the incident with the help of external cybersecurity experts.

According to a data breach notification filed with the Office of the Maine Attorney General, the security breach impacted 201.404 individuals.

Compromised data includes names, social Security numbers (SSN), dates of birth; driver’s license/state identification numbers, and taxpayer identification numbers. For some individuals, certain types of medical information (e.g., diagnosis or conditions information) and health insurance information may be exposed.

Dallas County offered two years of credit monitoring and identity theft protection services to impacted individuals.

In May 2023, the IT systems at the City of Dallas were targeted by a Royal ransomware attack. To prevent the threat from spreading within the network, the City has shut down the impacted IT systems.

The attack impacted less than 200 devices and essential operations, like 911, remained working. 

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, ransomware)