Public Safety

Ransomware attack on City of Dallas knocks police website offline, Dallas County

Breach Type – Unknown, Ransomware

WICZ
May 3rd, 2023

”The City of Dallas is dealing with a ransomware attack that took the Dallas Police Department website offline but so far appears to have limited impact on city services for residents, the city said in a statement on Wednesday.”
”City officials have "confirmed that a number of servers have been compromised with ransomware, impacting several functional areas," including the police department's website, the statement said.”
”Officials are working to contain the spread of the malicious software from city computer systems and to restore any affected services.”
”A computer system that processes records for the Dallas Court and Detention Services Department has been down since 6 a.m. local time on Wednesday, according to a person who answered the phone at the department Wednesday afternoon but declined to give their full name.”

Hidalgo County Adult Probation Office hit by ransomware attack

Breach Type – Unknown, Ransomware

myRGV.com
February 6th, 2023

"The Hidalgo County Adult Probation Office is recovering from a ransomware attack over the weekend. The incident happened Saturday but was resolved Monday, Hidalgo County Judge Richard F. Cortez confirmed.”
"Cortez said the office was able to retrieve the information without having to pay a ransom.”
”The Adult Probation Office was the only affected office, Cortez said. The judge also said the probation office runs under a different security system than other county offices.”

Texas County EMS Agency Says Ransomware Breach Hit 612,000, Tarrant County

Breach Type – Unknown, Ransomware

GovInfo Security
January 6th, 2023

"A municipal ambulance services provider that serves 15 cities in a Texas county has reported to federal regulators a ransomware breach potentially affecting 612,000 individuals, which is equivalent to nearly 30% of the county's 2.1 million population.”
“Metropolitan Area EMS Authority, a Texas government administrative agency that does business as MedStar Mobile Healthcare, reported the hacking incident to the U.S. Department of Health and Human Services' Office for Civil Rights on Dec. 19. MedStar, which provides ambulance services in Tarrant County, Texas, reported that on Oct. 20, it experienced "issues" with its network systems.”
“Colman McCarthy, an attorney at law firm Shook, Hardy & Bacon, which represents MedStar, tells Information Security Media Group the breach involved ransomware. MedStar did not pay a ransom but was able to fully restore its systems.”

MedStar 911 dispatch, patient care reporting systems disrupted after cyberattack, officials say, Tarrant County

Breach Type – Unknown, Data Breach

WFAA News
October 20th, 2022

"MedStar’s 911 computer-aided dispatch and patient care reporting systems were affected in a cyberattack Thursday, officials say.”
”MedStar spokesperson Matt Zavadsky says systems are currently being “diligently scrubbed and methodically being placed back online,” after the attack on the computer network was detected this morning.”
“At this time, there are no EMS service interruptions, but Zavadsky says employees were doing manual radio dispatching until they were confident the systems were secured. MedStar said it does not have any evidence indicating there was a breach of patient or 911 records.”

1.8 TB of Police Helicopter Surveillance Footage Leaks Online, Dallas County

Breach Type – Hacking, Data Breach

Wired.com
November 5th, 2021

“…newly leaked aerial surveillance footage from the Dallas Police Department in Texas and what appears to be Georgia's State Patrol underscore the breadth and sophistication of footage captured by another type of aerial police vehicle: helicopters.”
“The…group Distributed Denial of Secrets, or DDoSecrets, posted a 1.8-terabyte trove of police helicopter footage to its website on Friday. DDoSecrets cofounder …says that her group doesn’t know the identity of the source…The source simply said that the two police departments were storing the data in unsecured cloud infrastructure.”
“The vast majority of the leaked footage appears to come from the Dallas Police Department. In response to three screenshots from the leak, DPD public information officer Brian Martinez wrote in an email that “the pictures show screenshots of video from the department helicopter.”

The Austin Regional Intelligence Center, Travis County

Breach Type – Hacking, Data Breach

Wired
June 22nd, 2020

Over one million sensitive law enforcement files were released following cyberattack
Bad actors dumped a collection of 269 gigabytes of data
Officials advised that much of the information originated in law enforcement fusion centers

University of Texas at Arlington Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Irving Law Enforcement Officer Data, Dallas County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Arlington Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Fort Worth Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Saginaw Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Tarrant County Constables, Tarrant County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Fort Worth Federal Marshals, Tarrant County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Texas Department of Public Safety, Travis County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Hood County Sheriff’s Office, Hood County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Memorial Villages Police Department, Harris County

Breach Type – Hacking, Data Breach

Governing
July 24th, 2020

200 police departments were victim of massive data breach
Cyberattack revealed detailed private information such as names, phone numbers, addresses
Bad actors gleaned potentially-damaging information from thousands of homes

Cooke County Sheriff's Office, Cooke County

Breach Type – Unknown, Ransomware

Gainesville Daily Register
July 6th, 2020

Sheriff's office was victim of Independence Day cyberattack
Bad actors shared screenshots of sensitive data on the dark web
Hackers threatened to release the data within seven days

City of Austin Government & Police Department Websites, Travis County

Breach Type – Hacking, Other

KXAN
June 4th, 2020

City government website was taken out in cyberattack
Austin police department's systems remained operational
Hacker group Anonymous laid claim to the defacement

City of Robstown Police Department, Nueces County

Breach Type – Hacking, Ransomware

Caller
September 13th, 2019

Robstown Police Department victim of ransomware cyber attack, among 22 others hit across Texas
IT officials confirmed that the majority of ransomed data had been recovered
Data taken included evidence such as videos and photos, in addition to reports for investigations

Vernon Police Department, Wilbarger County

Breach Type – Unknown, Ransomware

Texomas
August 20th, 2019

Vernon Police Department among victims of Texas-wide ransomware attack
Vernon Police Chief stated that the shutdown made the department revert to older record-keeping methods
Department's master main files were unavailable and officers were required to take extra time filing paper reports

Graham Police Department, Young County

Breach Type – Unknown, Ransomware

Graham Leader
August 20th, 2019

Graham Police Department was among more than 20 agencies attack with ransomware in Texas
Texas DIR believed only a single bad actor had been involved in the coordinated attacks
Young County Sheriff confirmed that one of GPD's servers had been taken out with another being ransomed for $5,000,000

Graham Leader
August 23rd, 2019

IT officials confirmed that the ransomware attack came through an outdated server
IT officials further stated that they had just recently installed antivirus software which helped mitigate the attack
GPD servers were kept offline while the IT department further analyzed the attack

Bonham Police Department, Fannin County

Breach Type – Unknown, Ransomware

KXII
August 20th, 2019

Bonham Police was among 22 other victims in coordinated ransomware cyber attack in Texas
Bonham Police Chief confirmed department had been hit in attack
Officials confirmed that personal information had not been compromised

Robertson County Sheriff's Office, Robertson County

Breach Type – Unknown, Ransomware

KBTX
August 21st, 2019

Sheriff's Office victim in cyber attack that hit more than 20 entities in Texas
Officials advised that computers remained unaffected and that impact was minimal
Officials did not state whether a ransom had been paid to the attackers

City of Wilmer & City of Wilmer Police Department, Dallas County

Breach Type – Unknown, Ransomware

CBS Local
August 21st, 2019

IT experts worked around the clock to restore the Police Department, Water Department, and Library systems
The city of Wilmer is only just one of many cities facing a widespread ransom attack encrypting all files
It was estimated that restoration of nominal operations could be weeks away

Jackson County Government Systems, Jackson County Sheriff’s Office

Breach Type - Phishing, Ransomware

Victoria Advocate
June 30th, 2019

Services were still down to using pen and paper following the cyber attack holding their systems for ransom
It is assumed that the hackers were able to gain access through a phishing scheme, they were unwilling to pay ransom
As other options are being looked into the Sheriff’s office had continued to rely on pen and paper reports

Potter County Government Systems, Potter Co.

Breach Type - Unknown/Malware

My High Plains
April 22nd, 2019

Potter county is working to remove a virus that hit its systems
Data is left encrypted after the attack, early voting is not affected and will continue as normal
The district has made efforts to isolate the virus so that it doesn’t spread

ABC7
April 24th, 2019

Employees were left to pen and paper as the virus continued to spread
Normal systems are left compromised as cases are left untouchable as systems remain down
The sheriff’s office has to rely on other centers to run plate checks as other information is left to pen and paper

My High Plains
October 17th, 2019

Potter County, Texas victim of long-term damaging ransomware cyberattack
Sheriff's office lost data from December 2017 on
Officials believed affected offices back to normal

Fisher County Sheriff’s Office, Fisher County

Breach Type - Phishing, Ransomware

Double Mountain
March 29th, 2019

The sheriff’s office fell victim to a phishing attack on their email systems
Several files were held in ransom kept out of reach for the sheriff’s office
No demands were paid and the full damage of the attack is being looked into

City of Lancaster Emergency Outdoor Warning Sirens, Dallas County

Breach Type - Hacking, Other

Dallas News
March 12th, 2018

Officials state hacker activated tornado warning sirens within the city
Incident initially described as a malfunction, discovered to be person with hostile intent
City officials advised that technical experts would be consulted, law enforcement investigating

Bexar County Sheriff’s Office, Bexar County

Breach Type - Hacking, Other

Fox San Antonio
January 29th, 2019

FBI appeared at Bexar Jail after it appeared to be hacked
Several thousand pieces of hardware were checked for any evidence of tamper
Almost 40,000,000 files have been scanned

Lamar County Sheriff's Department, Lamar County

Breach Type - Hacking, Ransomware

ZD Net
January 10th, 2019

The malware infiltrated through remote desktop in a series of attacks
Services were down for the Sheriff’s office
Stored data became encrypted from the ransomware

City of Dallas & Dispatch System

Breach Type - Virus

Dallas News
February 5th, 2018

Virus slowed down/shut down multiple city services
Impacted Computer Aided Dispatch system
Outages continued for 2 days – dispatch restored at 5:30pm the first day

Columbus Police Department

Breach Type - Hack

Colorado County Citizen
May 30th, 2017

Catastrophic computer failure as servers went down
Affected in-car & body camera system, internal/external email, & accident reporting system
Columbus did not have its own IT contractor prior to incident
Implementing security measures as precaution

Malfunction of 156 Outdoor Dallas sirens

Breach Type - Hack

Route 50
April 9th, 2017

911 systems flooded with phone calls
Hack came from within Dallas
Public announcement to citizens advising not to call 911 about siren concern

Cockrell Hill Police

Breach Type - Ransomware

WFAA 8
January 25th, 2017

Lost video evidence and a cache of digital documents
No files/confidentials were breached to an outside source
Malware originated from Russia or Ukraine
Demanded $4000 in bitcoin
Department did not pay ransom after consulting with the FBI

Palm Hill Police Department

Breach Type - Ransomware

KRGV
September 21st, 2016

Years’ worth of data on the line
$250 ransom
Moved files before permanently losing data

Local Government

Tomball experiences ransomware attack; council authorizes city manager to spend money for recovery of city systems, data, Harris County

Breach Type – Unknown, Ransomware

CommunityImpact.com
December 30th, 2022

“During an emergency City Council meeting Dec. 30, Tomball City Council unanimously authorized City Manager David Esquivel to spend the necessary funds for the recovery of city systems and data following a ransomware attack. Esquivel said the cost for the recovery of city systems and data is projected to be over $50,000."
"The ransomware attack took place on the morning of Dec. 20 and affected a majority of the city’s networks, according to a Dec. 30 news release provided by the city. Esquivel said the interruption in certain services was first noticed by the police department."
"Emergency services such as 9-1-1, dispatch, police, fire and public works are still operational but there are ongoing issues with the city’s online payment systems. The city is waiving all late fees for utility bills due Dec. 30 as a result, according to the news release.”

Travis Central Appraisal District hit with ransomware attack; services temporarily limited, Austin County

Breach Type – Unknown, Ransomware

CBS NEWS - Austin
December 5th, 2022

“The Travis Central Appraisal District (TCAD) says it was hit with a ransomware attack on Monday that is limiting the level of service to property owners."
"In a press release, TCAD said property tax bills and payments with the Travis County Tax Office were not impacted.”
"The agency's phone lines and online chat are currently down as a result of the attack, but its website and search section are still online."

City of Huntsville investigating cybersecurity incident, Walker County

Breach Type – Unknown, Malware

KBTX
October 24h, 2022

“The city of Huntsville is investigating after a security incident impacted their systems. In a statement, the city said they took immediate steps to disconnect certain system functions to prevent further harm to their servers."
"Our goals right now are to remove any and all infections from our systems, make sure all devices are clean, and restore functionality,” a statement from the city said.”
"City offices are open and operational, but only cash and check payments will be accepted at this time. The city said it will not suspend services for non-payment as they work through the issue."

Dallas Central Appraisal District hacked, down for days, Dallas County

Breach Type – Hacking, DoS

The Real Deal
November 10th, 2022

”The Dallas Central Appraisal District’s website has been down for at least two days since it was hacked this week. The website, dcad.org, serves the Dallas County tax-assessor’s office and experienced a cyberattack that shut it down for the time being, D Magazine reports."
"The appraisal district doesn’t know who executed the attack or whether it was foreign or domestic, Cheryl Jordan, director of DCAD community relations, told the publication.”
”The website contains publicly available property valuations and plat maps for all of Dallas County, in accordance with state law.”

City of Huntsville addresses Cyber Security Incident, Walker County

Breach Type – Other, Data Breach

The Huntsville Item
October 24th, 2022

“The City of Huntsville reported a Cyber Security Incident on Friday that impacted multiple systems. According to a press release issued at noon Monday, the City took "immediate steps to protect our environment, including disconnecting certain functionality to protect against any further harm."
”"The investigation is in its early stages and ongoing," said City Manager Aron Kulhavy. "Our goals right now are to remove any and all infections from our systems, make sure all devices are clean, and restore functionality. We are working as quickly as we can to determine the scope and impact of the incident."
“The Huntsville Police Department has posted to their social media sites that computers are still down and unable to produce accident reports due to the network issues. Instead, citizens are directed to the Texas Department of Transportation’s website C.R.I.S. Purchase that allows citizens to find their crash reports.”

DeWitt County loses over $300k to cyber scam

Breach Type – Phishing, Other

Victoria Advocate
July 19th, 2022

“… a county employee responded to an email June 14 in which a scammer, posing as a court-approved vendor, asked to change bank account information. The change affected where future payment of the vendor's invoices were sent.”
“On July 5, the press release said, the county auditor became aware the electronic payment was made to an unverified account. Further inquiry revealed the vendor had not received any recent payments.”
“The $305,301.75 payment was made to a Bank of America bank account, County Judge Daryl Fowler said. The funds were then wire transferred to institutions outside of the United States…”
“She did note that the systems hit by the attack are not ones that control the operation of the sewage system.”
"Most of the money will be recovered through a cyber-scam insurance payment to DeWitt County of $250,000, Fowler said.”

Brooks County pays off hacker with tax dollars after ransomware

Breach Type –Hacking, Ransomware

KZTV 10
June 21st, 2022

"A recent ransomware attack on Brooks County’s Justice of the Peace and district courts, and finance department, cost it more than $37,000."
"The attack took place after an employee opened an email containing a link that allowed someone to hack their system."
"The only data that we had that wasn’t backed up was in our auditor's office, where we have our financial software.”
"The hacker demanded Brooks County pay them $93,000, but county commissioners negotiated with the hacker and eventually agreed to pay less than half that amount."

Guadalupe County investigating potential network breach

Breach Type – Phishing, Malware

Seguin Gazette
June 14th, 2022

“On Saturday, the county became aware of a network disruption impacting operations, Guadalupe County Emergency Management Coordinator Patrick Pinder said in a new release on Monday. Experts were investigating what happened and determining how bad it was, he said.”
“The Guadalupe County Sheriff’s Office, Emergency Management and information technology crews are helping with the investigation, Kutscher said. They notified the Texas Secretary of State’s office, the state’s office of court administration, the Department of Information Resources and other law enforcement agencies at the local, state and federal level to help…”
"The issue began when county email services were not functioning properly, Kutscher said. Guadalupe County has safety precautions built into its systems that ceases operations when abnormalities are detected, he said.”
“As of Monday evening, the county had discovered no evidence that any personal identifying information had been accessed or acquired. While things are being investigated, most of the county’s email addresses are being taken offline, Kutscher said. But a secure email address is in place for people in the public who have questions, he said.”

City of Amarillo thwarts cyberattack: no data lost, no ransomware deployed, Potter County

Breach Type – Hacking, Ransomware

ABC 7 Amarillo
March 13th, 2021

“A cyberattack on the City of Amarillo was successfully thwarted over the weekend.”
”According to the City, there is no evidence of a data breach at this time and no ransomware deployed.”
”Due to the City of Amarillo’s identification and quick containment actions, it appears that they prevented any destructive code from executing,” said Kevin Walsh, Senior Consultant SecureWorks. “Without these actions, this could have been a far more devastating situation.”
”As a precaution, the City’s email system will be offline until the IT department determines if was not affected by the attempted cyberattack.”

ABC 7 Amarillo
March 16th, 2021

”The City of Amarillo’s systems are fully back up and running after they identified what they called unusual behaviors on an IT system.”
”On Friday at noon, there were signs of a potential attack. By 2 PM all external connections were shut down as a precaution.”
”Gagnon explained this was a ‘zero-day attack,’ unlike an email with a virus infected link, it’s a new more sophisticated approach.”
”…the minute we have an incident like this, I report it to the Criminal Justice Information System. I brought an outside incident team that’s not City of Amarillo staff.”

Bexar County Appraisal District hit by ransomware attack, working to restore systems, Bexar County

Breach Type – Unknown, Ransomware

FOX San Antonio
March 21st, 2022

“The Bexar County Appraisal District said around 10 a.m. on Sunday, they were hit by a ransomware attack, which prompted mitigation efforts soon after.”
“They notified the FBI and the district's staff has been hard at work to restore all of their systems. The district's statement said that "initial forensics reveal that the systems were partially affected and damaged files are currently being restored.”
“The property records database was not encrypted from the attack. At this time, we are still in recovery mode and full assessments are ongoing. We are working to restore functionality as fast as possible; however, it may take a couple of days to restore full functionality."

Hackers breached computer network at key US port but did not disrupt operations, Harris County

Breach Type – Hacking, Other

CNN
September 29th, 2021

"In the case of the Port of Houston, the unidentified hackers broke into a web server somewhere at the complex using a previously unidentified vulnerability in password management software at 2:38 p.m. UTC on August 19, according to the Coast Guard report. The intruders then planted malicious code on the server, which allowed further access to the IT system.”
“Beginning about 90 minutes after the initial breach, the hackers stole all of the log-in credentials for a type of Microsoft software that organizations use to manage passwords and access to their networks, according to the report. Minutes later, cybersecurity staff at the port isolated the hacked server, "cutting off unauthorized access to the network," the advisory said.”
“A handful of security incidents in recent years have prompted US officials to focus more on maritime cybersecurity.”
”The Port of Houston is a 25-mile-long complex through which 247 million tons of cargo move each year, according to its website.”
“It's unclear who was behind the breach, which appears to be part of a broader espionage campaign.”

Texas Health and Human Services Commission and Texas Medicaid, State of Texas

Breach Type – Phishing, Data Breach

Dallas News
March 5th, 2021

A medicaid subcontractor for the state of Texas experienced a breach exposing tens of thousands of residents
The final report about the incident stated that information exposed included names, addressees, dates of birth, social security numbers, and more
In an attempt to restore the systems BRSI paid ransom to bad actors

City of Austin, Travis County

Breach Type – Hack, Data Breach

The Virginian-Pilot
December 18th, 2020

City government advised that federal authorities helped investigation
Bad actors are believed to have origins in Russia
Officials advised that personal information and critical systems remained intact

Snyder City Hall, Scurry County

Breach Type – Unknown, Ransomware

Everything Lubbock
December 7th, 2020

City hall forced to close following ransomware cyberattack
Officials stated they couldn't accept payments at time of attack
IT director advised that city's security efforts are always changing

Arkansas and Bowie County systems, Arkansas and Bowie County

Breach Type – Unknown, Ransomware

TXK Today
December 6th, 2020

City government was victim of ransomware cyberattack
Several agencies were affected, including courts
Outage increased wait times and left some services unavailable

ArkLaTex
March 22nd, 2021

Bowie County is about two weeks away from a full recovery, and that officials opted not to pay the ransom
County had cyber liability insurance that covered ransomware, but official were quoted as not wanting to reward bad behavior by paying the ransom
County operations were compromised for about six weeks with no major loss of information expected

Parker County Systems, Parker County

Breach Type – Unknown, Malware

Weatherford Democrat
October 19th, 2020

Parker County discovered they were impacted by computer security incident
The discovery prompted IT staff to quickly isolate the compromised systems to limit the spread of the attack
Parker County and supporting organizations are investigating the origins of this attack, however response and recovery are the county's top priorities at this time

City of Odessa, Midland County

Breach Type – Unknown, Data Breach

CBS 7
October 1st, 2020

City was victim to cyber attack through exploit in web payment portal
Breach only affected online users in payment system with Click2Gov
City is looking at a new payment system through different web portal provider

Town of Hollywood Park, Bexar County

Breach Type – Phishing, Malware

KSAT
August 16th, 2020

Bad actors attempted to steal nearly half a million dollars from the town
Two fraudulent wire transfers were taken from the city's funds
A trojan type virus was primarily the reason for this attack that was downloaded in phishing scam

George W. Bush Presidential Center, Dallas County

Breach Type – Unknown, Data Breach

Daily Wire
August, 3rd, 2020

The center was notified by its cloud based data management service that a ransom was paid to regain access to the centers data
Due to the nature of the attack the center believes that the data was not misused
The cloud service released public notice of the potential exposure in good faith that the data is not being used in bad motives

City of Austin, Travis County

Breach Type – Unknown, Malware

KXAN
June 4th, 2020

The attack was claimed by hacker group Anonymous stating they were the ones to take the website down
Following the attack the website was put back online stating that systems were functioning like normal again
Authorities are led to believe there will be further instances of attacks like these

City of Garrison, Nacogdoches County

Breach Type – Unknown, Ransomware

KTRE 9
February 12th, 2020

Officials believed local city and county hit in cyberattack
School district had hundreds of computers affected
Third party investigators were brought onboard to assist

City of Port Lavaca, Calhoun County

Breach Type – Unknown, Ransomware

Victoria Advocate
February 15th, 2020

Bad actors utilized ryuk ransomware in cyberattack
At last report, city had $50,000 repair bill
Officials confirmed files were encrypted and unaccessible

Department of Transportation, State of Texas

Breach Type – Unknown, Ransomware

KBTX-TV3
May 15th, 2020

Texas DoT website and servers taken out in cyberattack
Bad actors utilized ransomware in hit on services
State and federal law enforcement investigated

Office of Court Administration, State of Texas

Breach Type – Unknown, Ransomware

AbaJournal
May 12th, 2020

Ransomware used in cyberattack that hit Texas courts
Officials confirmed they would not pay the ransom
Press release indicated sensitive information remained intact

Grayson County Government Systems, Grayson County

Breach Type - Unknown, Ransomware

KTEN
February 24th, 2020

Emergency services remained unaffected after ransomware cyberattack
County officials reached out to state agency for assistance
Voting and elections processes remained unimpacted

Public Utility Commission of Texas (PUCT) website, State of Texas

Breach Type – Hacking, Other: Website Defacement

Electric Choice
January 28th, 2020

Texas Public Utility Commission was victim of cyberattack
Officials confirmed that no permanent damage had been done
Personal or confidential information was not stolen

Burnet County Government Systems, Burnet County

Breach Type – Unknown, Ransomware

Highland News
January 10th, 2020

Burnet County among several localities hit in cyberattack
Bad actor's utilized ransomware to breach servers
Attack happened prior to Christmas

Texas Department of Agriculture, State of Texas

Breach Type – Hacking, Other: Website Defacement

Gov Tech
January 7th, 2020

State agency's website defaced by bad actors from Iran
Officials advised that several attempts were traced to Middle East
Spokesperson stated that the cyberattack wasn't a hack

City of Ingleside, San Patricio County

Breach Type – Unknown, Ransomware

KIIITV
January 2nd, 2020

Ransomware attack left the city without internet and its servers forcing them to remain down during repairs
The affected computers are remaining offline until they are fully scanned for threats before being brought back online
Only the city hall, library, and annex are able to receive phone calls at time of repairs

City of Odessa, Midland County

Breach Type – Hacking, Data Breach

Data Breaches
December 12th, 2019

Hacking incident that happened over the course of a month was discovered
Resident credit and debit card information was likely leaked
Officials sent letters to customers that were affected in the attacks

City of Waco, McLennan County

Breach Type – Hacking, Data Breach

WacoTrib
December 12th, 2019

Credit card information likely stolen from city servers
Over 8,000 residents were notified of the breach
Officials advised citizens to monitor financial information

City of Waco, McLennan County

Breach Type – Hacking, Superion Breach

WacoTrib
December 12th, 2019

City and its water customers were victims of cyberattack
Over 2,500 online billing records were discovered for sale
Officials worked closely with vendor Click2Gov to correct problem

City of Sugar Land, Fort Bend County

Breach Type – Hacking, Data Breach

Chron
December 16th, 2019

City in Texas was one among multiple cities affected by Click2Gov cyberattack
Officials forced to utilize different payment system going forward
City was unaware of how large the breach was until almost two months later

City of Fort Worth, Tarrant Co.

Breach Type – Hacking, Data Breach

Star Telegram
December 5th, 2019

Thousands of citizens likely had personal information taken during breach
Citizens that made a payment during a nearly two month period likely affected
City officials offered free credit monitoring for a full year to victims

City of College Station, Brazos County

Breach Type – Hacking, Data Breach

KBTX
November 18th, 2019

Texas city forced to warn citizens about possible cyberattack
Popular system Click2Gov had data security issue
City worked with federal law enforcement and private investigators

City of San Angelo Online Water Billing System, Tom Green County

Breach Type – Hacking, Data Breach

Go San Angelo
November 13th, 2019

City investigated cyberattack after resident billing information likely stolen
Officials urged citizens to monitor accounts for fraudulent activity
Affected individuals were contacted via email from the city

City of Carrollton; Denton, Dallas, and Collin County

Breach Type – Unknown, Malware

CBS DFW Local
October 10th, 2019

Carrollton, Texas and several counties were victims of malware cyberattack
Officials stated that city services had been impacted
Public safety and 911 emergency response remained unaffected

Travis County Appraisal District, Travis County

Breach Type – Unknown, Ransomware

KUT
September 19th, 2019

County district was hit with ransomware cyber attack, officials stated they did not pay the ransom
Officials advised that core system had been restored, district worked with state agencies to identify bad actor
District officials stated that off-site redundancies helped to mitigate damage

City of Palestine, Anderson County

Breach Type – Phishing, Other

Gov Tech
August 29th, 2019

The computer systems was hacked leaving questions concerning the security of the Texas's systems
Phishing emails almost cost the city $1,200 in false requests to supervisors purchasing 'Google Play' gift cards
Some employees ignored the abnormal requests but some department heads fell victim and paid for said cards

City of Lampasas, Lampasas County

Breach Type – Unknown, Ransomware

KXXV
August 22nd, 2019

Lampasas city in Texas among 22 Texan cities attacked with ransomware
Officials stated the attack affected city operations, no personal information was leaked
City was able to mitigate losses with emergency response protocols

Lubbock County Government Systems, Lubbock County

Breach Type – Unknown, Ransomware

Fox 34
August 20th, 2019

Ransomware cyber attack affected 22 cities across Texas in coordinated hit
County IT department worked quickly to contain the threat
IT was able to isolate and contain the ransomware, preventng computer systems from further infection

Grayson County Government Systems, Grayson County

Breach Type – Unknown, Ransomware

Armor
August 22nd, 2019

Grayson County computer services were offline for less than 24 hours after ransomware attack
County officials confirmed systems were fixed and that no other issues had occurred

City of Kaufman, Kaufman County

Breach Type – Unknown, Ransomware

NY Times
August 23rd, 2019

Kaufman city phone services were disabled in ransomware cyber attack
City officials advised that they were unable to discuss details of the attack

Armor
August 22nd, 2019

City of Kaufman computer and phone systems were rendered unusable in ransomware attack
City's ability to access data and payments was greatly limited
Police and fire services remained operational, in addition to City Hall

City of Borger, Hutchinson County

Breach Type – Unknown, Ransomware

News Channel 10
August 19th, 2019

The city was one of a reported 20 entities that were targeted in the latest ransomware strings
Basic services are still provided in the state the City is in such as Police, Fire, Animal Control, and more
Utility payments are unavailable and databases such as "Vital Statistics" remain rendered unusable

City of Keene, Johnson County

Breach Type – Unknown, Ransomware

NPR
August 20th, 2019

Due to this attack, the city was unable to process any utility payments on its systems
The hackers targeted the software the city used that was also managed by an outsourced company, causing the widespread attack
$2.5 million in ransom was requested by hackers to "restore" systems

City of Tyler Website, Smith County

Breach Type – Hacking, Other: Website Defacement

Tyler Paper
August 6th, 2019

The website was hacked by another self proclaimed "hacktivist" briefly being taken over and replaced with a defacing image
It was determined that only the website was affected and no sensitive information was affected

KLTV
August 9th, 2019

The site is still rendered offline making the public unable to use it to pay things such as tickets and access other public services hosted online
This anti-government groups seem to be doing nothing more than defacing websites with their messages and leaving sensitive information alone
Luckily the website pages that were affected are not hosted on the same servers as the publics private information

Milam County Government Systems, Milam County

Breach Type - Phishing, Ransomware

Cameron Herald
June 13th, 2019

An attack crippled the computer systems throughout the county interrupting many processes that were under way
The virus initially was in standby until IT was working on a system transfer triggering the attacks
Ransom of $180,000 was requested but it was not paid as the county was able to get systems recovered

City of Edcouch, Hidalgo County

Breach Type - Hacking, Ransomware

The Monitor
June 8th, 2019

City computers were infiltrated by hackers and then held for ransom for eight bitcoins equaling $40,000
All data that was accessed by hackers was encrypted and phone lines associated were rendered useless over the weekend
Directions to download a tor browser and give payment were supplied by the hackers in an effort to get ransom paid

City of Fort Worth, Tarrant County

Breach Type - Phishing, Other

Star Telegram
May 17th, 2019

City of Forth Worth victim of e-mail phishing scheme, lost nearly $700,000
Hacker utilized scam e-mail that appeared to be from one of the city's vendors
E-mail requested city change electronic deposit to a different bank

City of Laredo, Webb County

Breach Type - Ransomware

IMTONLINE
May 24th, 2019

City of Laredo attacked by ransomware virus that encrypted City Secretary's Office document system
City officials advised that by the next day most of their departments' systems were functional
During the attack, all city employees' computers had to be powered off to stop viral spread

City of Del Rio, Val Verde County

Breach Type - Ransomware

News4SA
January 10th, 2019

City servers disabled after ransomware attack
Employees were unable to log in due to denied access
Unclear if personal data was compromised
All City Hall transactions completed on paper until further notice

City of Houston Permitting Center, Harris County

Breach Type - Other, Data Breach

ABC 13
December 19th, 2018

Two cyber attacks occurred mid year 2017, details newly released
Thousands of planning documents and permit applications deleted by hackers
No security controls turned on to prevent data breaches, security problems not corrected at the time of the attacks
Firewalls were not set up correctly and no server monitoring tools were in place

Grimes County

Breach Type - Phishing, Malware

Navasota Examiner
October 3rd, 2018

Grimes County requested emergency funds to remediate Emotet Malware from the network
Approved emergency funds consist of over $26,000
55 county machines are known to be infected
Concern surrounds the data at risk, in particular the sheriff’s department criminal database
County training employees how to open SPAM emails

City of Tyler, Smith County

Breach Type - Other/Vulnerability, Data Breach

Tyler Paper
September 10th, 2018

Unknown third party hacked payment system used by residents to pay water bills and municipal court fees
U.S. Secret Service notified city and cyber incident investigated at a federal level
City shut down the service, relaunching with additional security

City of San Angelo, Tom Green County

Breach Type - Other/Vulnerability, Data Breach

San Angelo Live
August 17th, 2018

City suspended online utility payments due to data breach
City customers’ credit card numbers compromised
Third party vendor conducting forensic investigation

Fort Worth, Tarrant Co.

Breach Type - Hack

NBC
June 27th, 2018

Chief Technology Officer claimed Fort Worth had one or two breaches
Two accounts compromised by hackers
Employee login brute-forced
Hackers changed direct deposit information

City of Midland, Midland Co.

Breach Type - Other, Data Breach

MRT
June 25th, 2018

Vulnerability in Superion's bill pay system leaves Midland City vulnerable to hackers
Citizens' financial data potentially breached
City advised potentially affected users sign up with fraud protection services

Galveston County

Breach Type - Hack

Click 2 Houston
June 4th, 2018

More than $500,000 disappears as result of a hack on Galveston County
Hackers rerouted payment money between county and trusted construction vendor
Law enforcement leads investigation to find money & hacker

City of Farmersville, City of Anna, City of Sachse, Collin County

Breach Type - Ransomware

Farmersville Times
May 31st, 2018

Ransomware virus drastically affected city's ability to take payments and send out utility bills
Collin County cities, including Anna & Sachse, also hit with virus
City email not operational

Presidio County Appraisal District

Breach Type - Ransomware

Big Bend Now
May 3rd, 2018

Malicious email attachment opened by district employee
Launched rapid ransomware on district main server
Isolated the infected files & wiped server

City of Bryan

Breach Type - Phishing

WTAW
March 21st, 2018

City of Bryan falls victim to a spear phishing campaign
Investigation with city of Bryan Police & the FBI are ongoing
No personal information has been compromised

State of Texas Election System

Breach Type - Hack

NBC News
February 26th, 2018

Senior intelligence officers believe Texas was one of original states affected by election hacking
Websites believed to be affected, not voting systems
Texas Secretary claims no voting info/registration info was compromised before 2016 election

City of Corpus Christi

Breach Type - Cryptojack/Other

WCCF Tech
February 12th, 2018

Over 4,200 victims hijacked to mine Monero cryptocurrency
Secretly hijacked using compromised plug-in called "Browsealoud"
Though sites were affected for hours, no user data was affected/compromised

Denton City Hall

Breach Type - Phishing

FraudAlert
January 28th, 2018

62 email accounts affected in attack, only 1 compromised
City government doesn't appear to have lost anything
Reset all possibly affected accounts
Police informed of incident

Harris County

Breach Type - Phishing

Houston Chronicle
January 25th, 2018

3 weeks after Hurricane Harvey, fraudulent contractor asks Harris Co. for $888,000
Sent the money over, realized after that this was a phishing scam
Quietly scrambled to recover money, working with FBI to track down scammer

City of Waco, McLennan County

Breach Type - Other/Vulnerability, Data Breach

City of Waco
January 10th, 2018

Payment information through the City’s online payment system not properly encrypted
Payment card information potentially exploited by unauthorized individuals
Investigation currently underway

Kerr Central Appraisal District

Breach Type - Hack

My San Antonio
January 8th, 2018

An infected email opened by district employee launches virus on Kerr servers
Virus unleashed spam emails from district to properties appraised by district
Necessary to wipe district servers & reinstall software & data

Midland County

Breach Type - Hack

News West 9
October 27th, 2017

Third-party payment system was hacked
Data could have been compromised during a security breach
Advising customers not to give out payment info over the phone

Texas Department of Agriculture

Breach Type - Ransomware

Square Meals
October 26th, 2017

Employee's state issued laptop compromised through malicious ransomware attack
Students in 39+ school districts of Texas have potential of compromised data

Square Meals - Security Notice
November 22nd, 2017

TDA recommends affected individuals contact major credit bureaus
To activate free fraud alert

SC Magazine
December 11th, 2017

Department operates the state's federal nutrition program
More than 700 students affected, valuable data (SS numbers, home addresses, birth dates, etc.)

City of Beaumont, Jefferson County

Breach Type - Other, Data Breach

Beaumont Texas
August 24th, 2017

Water customers alerted City to unauthorized charges on payment cards used to pay online bills
City immediately shut down online water bill payment system
Breach occurred throughout early August

City of San Marcos

Breach Type - Phishing

KXAN
March 16th, 2017

Spear phishing email puts any person employed by the city starting from 2016 at risk
803 employees' information potentially compromised
Employee received and responded to malicious email, attaching the 2016 W2 information
At least a dozen employees reported their taxes are being filed – by someone else
The city has notified the IRS, taxing authorities, and local police

Tarrant County

Breach Type - Ransomware

Star-Telegram
August 5th, 2016

Malware infected computer, was not initially obvious
Isolated employee’s data from the rest of the computer network
Restored files without having to pay ransom

Alto City Office

Breach Type - Ransomware

Jacksonville Progress
March 28th, 2016

Ransomware carried in seemingly benign email invoice
Employee opened email attachment
Ransom of $500 for first computer proposed

Medical

Retina & Vitreous of Texas, PLLC Provides Notification of Data Security Incident, Harris County

Breach Type – Unknown, Data Breach

PR Newswire
April 10th, 2023

" Retina & Vitreous of Texas, PLLC ("Retina & Vitreous") has learned of a data security incident that may have affected personal and protected health information belonging to certain current and former Retina & Vitreous employees and patients.”
" On February 1, 2023, Retina & Vitreous became aware of unusual activity within its network and discovered that there had been unauthorized access to the environment. Retina & Vitreous immediately took steps to investigate the activity and secure the environment. On February 15, 2023, the investigation determined that some personal and protected health information may have been acquired without authorization in connection with the incident."
" Retina & Vitreous undertook a thorough review to identify all potentially affected individuals and the nature of the information involved, which was completed on March 21, 2023.”
” Based on this review, the following information for current and former patients may have been affected as a result of the incident: names, addresses, diagnoses and treatment information, insurance carrier information, and insurance subscriber identification numbers.”
”On April 10, 2023, Retina & Vitreous notified individuals whose information may have been affected in connection with the incident.”

Vendor Data Breach Impacts At Least 9 Healthcare Organizations, Fort Duncan Regional Hospital-Maverick County

Breach Type – Phishing, Data Breach

Health IT Security
April 3rd, 2023

"At least nine healthcare organizations recently reported a vendor data breach tied to Adelanto HealthCare Ventures (AHCV), a consulting company that specializes in Medicaid reimbursements.”
"According to the breach notices, AHCV became aware of suspicious activity in its digital environment on November 5, 2021. Further investigation revealed that an unauthorized party had accessed two employee email accounts via a phishing scam."
"AHCV initially believed that no protected health information (PHI) was impacted. However, on August 19, 2022, the company determined that PHI may have been involved. Texas-based St. Luke’s Health notified 16,906 individuals of the AHCV breach back in November 2022.”
”The email accounts largely contained the patient names, facility names, age, patient account numbers, admission and discharge dates, insurance carriers, and balance information.”

Vendor Data Breach Impacts At Least 9 Healthcare Organizations, Doctors Hospital of Laredo-Webb County

Breach Type – Phishing, Data Breach

Health IT Security
April 3rd, 2023

"At least nine healthcare organizations recently reported a vendor data breach tied to Adelanto HealthCare Ventures (AHCV), a consulting company that specializes in Medicaid reimbursements.”
"According to the breach notices, AHCV became aware of suspicious activity in its digital environment on November 5, 2021. Further investigation revealed that an unauthorized party had accessed two employee email accounts via a phishing scam."
"AHCV initially believed that no protected health information (PHI) was impacted. However, on August 19, 2022, the company determined that PHI may have been involved. Texas-based St. Luke’s Health notified 16,906 individuals of the AHCV breach back in November 2022.”
”The email accounts largely contained the patient names, facility names, age, patient account numbers, admission and discharge dates, insurance carriers, and balance information.”

Vendor Data Breach Impacts At Least 9 Healthcare Organizations, South Texas Healthcare System-Hidalgo County

Breach Type – Phishing, Data Breach

Health IT Security
April 3rd, 2023

"At least nine healthcare organizations recently reported a vendor data breach tied to Adelanto HealthCare Ventures (AHCV), a consulting company that specializes in Medicaid reimbursements.”
"According to the breach notices, AHCV became aware of suspicious activity in its digital environment on November 5, 2021. Further investigation revealed that an unauthorized party had accessed two employee email accounts via a phishing scam."
"AHCV initially believed that no protected health information (PHI) was impacted. However, on August 19, 2022, the company determined that PHI may have been involved. Texas-based St. Luke’s Health notified 16,906 individuals of the AHCV breach back in November 2022.”
”The email accounts largely contained the patient names, facility names, age, patient account numbers, admission and discharge dates, insurance carriers, and balance information.”

Vendor Data Breach Impacts At Least 9 Healthcare Organizations, Texoma Medical Center-Grayson County

Breach Type – Phishing, Data Breach

Health IT Security
April 3rd, 2023

"At least nine healthcare organizations recently reported a vendor data breach tied to Adelanto HealthCare Ventures (AHCV), a consulting company that specializes in Medicaid reimbursements.”
"According to the breach notices, AHCV became aware of suspicious activity in its digital environment on November 5, 2021. Further investigation revealed that an unauthorized party had accessed two employee email accounts via a phishing scam."
"AHCV initially believed that no protected health information (PHI) was impacted. However, on August 19, 2022, the company determined that PHI may have been involved. Texas-based St. Luke’s Health notified 16,906 individuals of the AHCV breach back in November 2022.”
”The email accounts largely contained the patient names, facility names, age, patient account numbers, admission and discharge dates, insurance carriers, and balance information.”

Texas hospital data breached in third-party phishing attack, Northwest Texas Healthcare System-Potter County

Breach Type – Phishing, Data Breach

Backer Hospital Review
March 31st, 2023

"Amarillo-based Northwest Texas Healthcare System is notifying patients that some of their protected health information was compromised when its consulting company Adelanto HealthCare Ventures was targeted by a phishing attack.”
"On Nov. 5, 2021, Adelanto HealthCare Ventures learned that two of its employee email accounts had been targeted by a phishing attack. It wasn't until Aug. 19, 2022, that the company discovered that protected health information may have been compromised as a result of the breach."
"On Jan. 28, the company notified Northwest Texas Healthcare System that some of their patient information may have been involved in the breach, according to a March 29 breach notification from the health system.”
”The health system launched its own investigation and determined that the following patient information may have been compromised: names, ages, patient account numbers, admission and discharge dates, insurance carriers and balance information. Northwest Texas Healthcare System said no financial information or Social Security numbers were compromised.”

Texas Medical Liability Trust Files Notice of Data Breach, Leaking Social Security Numbers and Other Sensitive Data, Travis County

Breach Type – Hacking, Data Breach

JD Supra
March 20th, 2023

“On March 6, 2023, Texas Medical Liability Trust (“TMLT”) filed a notice of data breach with the Attorney General of Texas after learning that confidential consumer information entrusted to the company was leaked in a recent cybersecurity incident."
“Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, driver’s license numbers, financial account information and protected health information.”
”After confirming that consumer data was leaked, TMLT began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.”.

553 days from discovery to notification? DataBreaches asked Dental Health Management Solutions why., Williamson County

Breach Type – Unknown, Data Breach

DataBreaches.net
February 27th, 2023

“On February 23, DHMS started sending notification letters to 3,205 employees and patients. A copy of their notification to the Maine Attorney General’s Office raises some questions about timeliness, though."
“On or about August 20, 2021, DHMS became aware of a possible incident involving its network…”
”Their submission indicates that the breach occurred on July 19, 2021, a date that is not included in the letter. We will use August 20, 2021 as the date of discovery. In a second submission to Maine that represents a letter to those affected, DHMS states that on or around October 21, 2021, DHMS found evidence that an unauthorized user had accessed a limited amount of data within its email environment beginning on or about August 5, 2021. They state that it wasn’t until September 21, 2022, however, following a review of its email environment, that DHMS engaged a specialized third-party data mining firm to review one compromised email account.”.
”Based on the results of an investigation conducted by third-party data mining vendors, DHMS determined that the following elements of personal information may have been accessed and/or acquired by an unauthorized individual.”

2 Vendors Among BlackCat's Alleged Recent Ransomware Victims, Blanco County

Breach Type – Unknown, Ransomware

Healthcare Info Security
January 23rd, 2023

“Blanco, Texas-based PharmaCare Services, a provider of pharmacy management and consulting services, appeared on BlackCat's leak site late last week."
“The site still lists PharmaCare as a victim but took down its NextGen listing for unknown reasons.”
”PharmaCare did not immediately respond to ISMG's request for comment on it being listed on the BlackCat leak site.”.

Home Care Providers of Texas discloses ransomware incident affecting more than 124,000, Dallas County

Breach Type – Unknown, Ransomware

DataBreaches.net
January 13th, 2023

”Home Care Providers of Texas (DPP II, LLC), has disclosed a ransomware incident to the Texas Attorney General’s Office. According to their notification, unnamed threat actors accessed patient information between June 25 and June 29. The breach was detected on June 29 when files were encrypted."
"In addition to encrypting some files, the threat actors also exfiltrated some files. The patient information involved included names, addresses, dates of birth, social security numbers, certain treatment or diagnosis information, and certain medication information. HCPT’s substitute notice can be found on its website, clearly linked from its home page.”
”DataBreaches has not seen any mention of this entity on any dark web leak site even though it is now more than six months since data were exfiltrated. HCPT’s notice does not indicate whether they had responded to any ransom demand. Although the total number of patients affected was not included in their notice, their report to the Texas Attorney General indicated that 124,363 Texas residents were affected. The incident does not appear on HHS’s public breach tool at time of publication.”

St. Luke’s Health Suffers Third-Party Data Breach, Unrelated to CommonSpirit Attack, Harris County

Breach Type – Unknown, Data Breach

Health IT Security
November 3rd, 2022

”Texas-based St. Luke’s Health notified nearly 17,000 individuals of a third-party vendor data breach that originated at Adelanto Healthcare Ventures, a consulting services vendor."
"Texas-based St. Luke’s Health notified 16,906 individuals of a third-party data breach that impacted Adelanto Healthcare Ventures (AHCV), a consulting services vendor. The breach is unrelated to the October ransomware attack at St. Luke’s Health’s parent company, CommonSpirit Health, which impacted multiple facilities, including St. Luke’s. In a recent notice to patients, St Luke’s Health explained that AHCV discovered that two of its employee email accounts were compromised by a third party on November 5, 2021.” “An initial investigation by AHCV indicated that no protected health information had been exposed,” the notice explained.
”However, after further review, AHCV determined that the compromised email accounts contained St. Luke’s Health protected health information and notified St. Luke’s Health of its new findings on September 1, 2022.” The data involved in the incident included names, dates of birth, addresses, Social Security numbers, dates of service, Medicaid numbers, medical record numbers, and limited clinical information. AHCV has since implemented additional security controls and has found no indication that data was misused as a result of the incident.”

Data Security Incident Exposes PHI For Over 1K Zomo Health Members, Harris County

Breach Type – Unknown, Data Breach

Health IT Security
October 7th, 2022

”October 07, 2022 - Healthcare software company Zomo Health disclosed a data security incident to HHS that involved the protected health information (PHI) of 1,359 individuals accidentally being exposed. According to a notice on its website, Zomo Health became aware of a spreadsheet containing plan member information that was inadvertently made accessible through its website on August 5, 2022. The investigation concluded that the spreadsheet was accessible on the internet between January 15, 2022, and August 5, 2022. "
"The impacted information potentially included names, dates of birth, Social Security numbers, health plan information, work addresses, phone numbers, email addresses, and information regarding participation in health plan incentives. “The file was made accessible through human error and was not due to intentional or malicious action,” the notice stated. After discovering the error, Zomo Health stated it immediately took the file off the website and secured its contents."
”As a result of this incident, we have remediated the process vulnerability that led to the error and engaged an external security company to enhance the security of our technology systems on an ongoing basis,” Zomo Health said. The investigators have not found evidence that any information has been accessed or stolen, but out of an absence of caution, Zomo Health is mailing letters to impacted individuals.”

OakBend Medical Center hit by ransomware; Daixin Team claims responsibility, Fort Bend County

Breach Type – Unknown, Ransomware

Data Breaches
September 11th, 2022

”While many were looking forward to the Labor Day holiday weekend, the IT department at OakBend Medical Center learned they had been hit with a ransomware attack. The center is still trying to recover."
"Bend County Government Cyberteam to investigate. When experts from Dell, Microsoft, Malware Protects, and their IT staff cleared them to start rebuilding their system, they started rebuilding it."
"As of September 9, OakBend reported they were still in the process of rebuilding and that phones and email were still impacted. Alternative phone numbers were posted prominently to assist patients in reaching them."

Methodist Hospital McKinney Cyber Attack: Personal Data Hacked, Collin County

Breach Type – Hacking, Ransomware

Community 99
August 16th, 2022

"Methodist McKinney Hospital and two of the company’s surgical centers had hacked their computer systems earlier this summer, exposing patients’ Social Security numbers, medical histories and more."
"The hacking took place on July 5, when hospital staff were “notified of unusual activity on certain systems.”
"The hospital confirmed that an “unauthorized actor” had access to computer systems containing data for Methodist McKinney Hospital, Methodist Allen Surgical Center and Methodist Craig Ranch Surgical Center."
"The hospital’s investigation found that the following information was stored in the hacked systems: names, addresses, social security numbers, dates of birth, medical history, medical diagnoses, treatment information, medical record numbers and health insurance information."

BHG Behavioral Health Group Recently notified patients of a December 2021 Breach, Dallas County

Breach Type – Unknown, Data Breach

Data Breaches
August 7th, 2022

"Protected health information in those files and folders included the individuals’ full name, Social Security number, driver’s license or state identification number, financial account information, payment card information, passport, biometrics, health insurance information..."
"The incident does not currently appear on any dark web leak site related to ransomware groups or markets, or forums where stolen data is offered for sale, free download, or trade, but of course, that does not mean that data has not or will not be misused in the future."
"BHG has no evidence to suggest that any information has been misused. However, out of an abundance of caution, on July 27, 2022, BHG provided notification to individuals whose information may have contained in the impacted files and folders."

Texas Health System data Breach Compromises Info of 15,000 Patients, Nueces County

Breach Type – Hacking, Data Breach

Becker Hospital Review
July 12th, 2022

“Christus Spohn Health System notified patients of a May data breach that compromised the protected health information of 15,000 patients"
“On May 4, the health system's IT security learned that an unauthorized user had accessed its system, which contained protected health information, including patients' full names, Social Security numbers, dates of birth, home addresses, billing and insurance information."
"The data breach did not affect health system operations, and there is no evidence to indicate that the compromised information has been misused."

Baptist Health System Announces Data Breach Affecting Patients of Two San Antonio-Area Hospitals , Bexar County

Breach Type –Hacking, Data Breach

JDSpura.com
June 20th, 2022

"Baptist Health System confirmed that the company experienced a data breach stemming from an incident in which an unauthorized party gained access to the company’s computer network after installing a line of malicious code on the System’s website."
"According to the Baptist Medical Center, the breach resulted in the full names, dates of birth, addresses, Social Security numbers, health insurance information, medical information and billing information of affected patients being compromised."
"On June 16, 2022, Baptist Medical Center filed official notice of the breach and sent out data breach letters to all affected parties. The Baptist Health breach affected more than 1.2 million patients in Texas alone."

Texas Tech University Health Science Center patients notified of third-party data security, Potter County

Breach Type – Unknown, Data Breach

KFDA News Channel 10
June 10th, 2022

“The Texas Tech University Health Science Center has notified patients of a potential breach of information held by Eye Care Leaders, Inc."
"On April 19, ECL provided TTUHSC final results of the investigation into the security incident, confirming some of the databases and files contained patient records."
"The ECL’s information contained name, address, phone numbers, driver’s license number, email, date of birth, medical record number, health insurance information, social security number."

80k Affected by Memorial Village ER Hacking Incident, Harris County

Breach Type – Hacking, Data Breach

Health IT Secuity
March 21st, 2022

“On March 9, Memorial Village ER in Texas began sending breach notification letters to 80,000 individuals following a February 18 hacking incident.”
“The incident potentially exposed names, birth dates, addresses, and COVID-19 testing results. Memorial Village ER said that the data was contained on a HIPAA-compliant secure server. However, an “unknown entity” accessed and hacked the server.”
“Memorial Village ER is offering impacted individuals 12 months of identity theft monitoring.”

Data Breach Alert: JDC Healthcare Management LLC, Dallas County

Breach Type – Unknown, Malware

JDSupra
March 3rd, 2022

"Recently, JDC Healthcare Management, LLC, also known as Jefferson Dental & Orthodontics, confirmed that the company experienced a data security event resulting in certain consumer information being compromised."
"On August 9, 2021, JDC Healthcare Management learned that someone installed a malware program on its computer systems."
"The company confirmed that certain documents on its servers were “copied from or viewed” between the dates of July 27, 2021 and August 16, 2021."
"The compromised information varies by consumer, it may include affected parties’ Social Security numbers, passport numbers, driver’s license numbers, state identification numbers, dates of birth, clinical information, health insurance information and financial information."

Information for over 6,000 Memorial Hermann patients accessed in security breach, Harris County

Breach Type – Hacking, Data Breach

KHOU 11 News
February 2nd, 2022

"Memorial Hermann is looking into the security breach. Hackers could access social security numbers, financial information and more."
"An unauthorized third party accessed multiple files including the following types of PHI: first names, last names, dates of birth, social security numbers, driver’s licenses numbers, financial information, health insurance information and treatment information."
"there is no sign of anyone's information being used as a result of this cyberattack."
"Advent Health Partners have been investigating the security issue after finding suspicious activity on employee email accounts with data from Memorial Hermann."

Malware attack on Texas hospital exposed employees' wages, patients' health data, Throckmorton County

Breach Type – Unknown, Malware

Becker Hospital Review
October 28th, 2021

"Throckmorton (Texas) County Memorial Hospital is notifying 3,136 patients and employees of a data breach after a cyberattack forced it to shut down its IT systems."
"The hospital engaged law enforcement and experts to determine the scope of the breach, remove the malware and restore its security systems. The investigation determined the cyberattack began on or around Aug. 25."
”Patient data that may have been exposed includes names, addresses, birth dates and medical-related information. Meanwhile, employees' payroll information, wage history, tax information and Social Security numbers were affected,"
"The hospital's operations have been restored"

Hacker breaches Texas hospital's IT systems, exposing 48,000 patients' info, Lavaca County

Breach Type – Hacking, Data Breach

Becker Hospital Review
October 29th, 2021

”Texas Lavaca Medical Center in Hallettsville is notifying 48,705 patients that their protected health data might have been exposed in a cyberattack:"
“On Aug. 22, the hospital discovered unusual activity within its computer network, according to a news release. The hospital retained a computer forensics firm to secure the network and launch an investigation to determine the scope of the breach."
"The investigation found that a hacker gained access to the hospital's network between August 17-22. The investigation was unable to discover if the hacker accessed patients' data on the system. "
”The hospital said there is no reason to suspect that patients' information has been stolen or misused from the cyber incident."

162,000 patients exposed in ransomware attack on Texas medical group, Kent County

Breach Type – Unknown, Ransomware

Becker Hospital Review
August 6th, 2021

"Houston-based Gastroenterology Consultants began notifying patients their data may have been exposed in a ransomware attack on the medical group."
"The Jan. 10 ransomware attack potentially exposed 162,163 patients and employees"
"The Texas medical group said it resolved the cyber issues and remediated and restored its systems, After undergoing an extensive data-mining process to determine specifically which patients or employees have information exposed, the medical group felt it was more cost-effective to notify all patients and employees instead."
"Its EHR was not affected in the breach; however, some protected health information was exposed. Sensitive health information, such as Social Security numbers, was stored in PDFs or Excel files prepared by employees to facilitate patient processing. Fewer than 50 patients' Social Security numbers have been exposed"

American College of Emergency Physicians, Dallas County

Breach Type – Hacking, Data Breach

Becker's Hospital Review
April 21st, 2021

Data was compromised between April 8th and September 21st, 2020
Compromised data includes member profile details, which may have financial account information and SSNs
ACEP replaced the affected server, changed passwords, and employed additional cyber security measures

ProPath, Dallas County

Breach Type – Unknown, Data Breach

Becker's Hospital Review
March 11th, 2021

Over 39,000 patients were notified of breach in ProPath email accounts
Potentially exposed information included Social Security numbers, financial account information, birthdates and more
There has been no evidence the information has been misused

Nocona General Hospital, Montague County

Breach Type – Unknown, Ransomware

Data Breaches
February 10th, 2021

On February 3rd threat actors added the General Hospital to their leak sight along with 20 files as proof
The Hospital believes that the threat actors had been able to access their EMR system on an older out of date server
There has been no ransomware request and the Hospital states that there may have been one but they did not read it

Precision Spine Care, Smith County

Breach Type – Hacking, Data Breach

Becker's Hospital Review
January 14th, 2021

A hacker was able to gain access to an employee email and attempted payment fraud
The attempt was unsuccessful and the account was disabled
Over 20,000 patients' information was accessible from the employee account

Central Health, Travis County

Breach Type – Hacking, Data Breach

Patch
December 11th, 2020

Healthcare provider was victim of cyberattack
IT and law enforcement conducted investigation
Officials remained uncertain as to the extent of damage

Hendrick Health Systems, Taylor County

Breach Type – Unknown, Data Breach

Becker's Hospital Review
November 10th, 2020

Healthcare provider forced to shutdown following a data breach
Inpatient and emergency services remained intact
Third party IT professionals and law enforcement were contacted for assistance

Abilene Reporter News
November 16th, 2020

Healthcare provider's systems reactivated
Systems had been offline following cyberattack
Officials advised that they would remain diligent for further issues

Hendrick Health Systems, Taylor County

Breach Type – Unknown, Data Breach

Becker's Hospital Review
November 10th, 2020

Healthcare provider with 3 hospitals took network offline
Officials reassured the public that inpatient and emergency services remained intact
Third party IT firms and law enforcement were contacted to assist with investigation

UT Health San Antonio, Bexar County

Breach Type – Unknown, Data Breach

News 4 San Antonio
September 1st, 2020

The blackbaud breach had no sensitive information exposed
Many different systems were exposed in the Blackbaud breach
Exposure is forcing medical systems to notify patients and donors about breach

Texas Children's Hospital, Harris County

Breach Type – Unknown, Data Breach

ABC 13
September 15th, 2020

Following Blackbaud data breach, healthcare provider warned patient information exposed
Patient names, dates of birth, and other medical information were leaked
Officials reassured their patients that they were taking all necessary precautions

United Memorial Medical Center, Harris County

Breach Type – Unknown, Ransomware

Data Breaches
August 30th, 2020

Medical center was victim of ransomware cyberattack
Bad actors released select patient files as proof of attack
Media outlets attempted to contact healthcare center, no response was given

Benefit Recovery Specialists, Harris County

Breach Type - Hacking, Malware

Health IT Security
July 13th, 2020

Over 270,000 patients were notified of potential exposure of sensitive information
This makes the attack the fourth largest data breach on healthcare data
Exposed data may include names, dates of birth, policy identification numbers, provider names, diagnosis codes, dates of service and or procedure codes

Legacy Community Health Service, Harris County

Breach Type – Phishing, Data Breach

Becker's Hospital Review
June 30th, 2020

Legacy health services faces a phishing scheme as an employee falls victim to email scam
The employee thought the email was from a legitimate source and provided login credentials to bad actor
19,000 individuals had their private information exposed in this breach causing the Legacy Health Service to reach out to those possibly affected

CHI St. Luke's Health-Memorial Lufkin, Angelina County

Breach Type – Phishing, Data Breach

Data Breaches
June 23rd, 2020

CHI had publicly released that they were affected by bad actors infiltrating their servers and gaining access to patient information
The information was contained within two employee emails that is unknown if it was used inappropriately
CHI has launched an internal investigation following the attack with forensic experts

AffordaCare Urgent Care Clinic, Taylor County

Breach Type – Unknown, Ransomware

Data Breaches
March 14th, 2020

Bad actor known as "thedarkoverlord" utilized ransomware
Healthcare center didn't cooperate with bad actor
Provider had yet to publicly disclose breach of 14,000 patients' information

United Regional Health Care System, Wichita County

Breach Type - Phishing, Data Breach

News Channel Six
February 19th, 2020

Healthcare center was victim of cyberattack
Center utilized third party IT firm to assist
Officials believed information remained safe

Fondren Orthopedic Group, Harris County

Breach Type - Unknown, Malware

Beckers Hospital Review
February 4th, 2020

Over 30,000 patients likely had information stolen
Names, addresses, health insurance information leaked
Officials stated they would take steps to enhance security

MHMR of Tarrant County, Tarrant County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review
February 5th, 2020

Over 6,500 patients had information stolen during cyberattack
Healthcare facility forced to send out notifications to affected patients
Names, Social Security numbers, among information stolen

Children's Choice Pediatrics, Collin County

Breach Type – Unknown, Ransomware

Becker’s Hospital Review
January 8th, 2020

Ransomware used in cyberattack hit against pediatric center
Officials confirmed that healthcare facility's data was encrypted
Some data was unable to be retrieved by IT personnel

The Center for Health Care Services, Bexar County

Breach Type – Unknown, Ransomware

Cyber Port
December 27th, 2019

Health care provider hit with ransomware cyberattack
Officials disabled computer network to mitigate damage
IT discovered only a single computer server had been hit

Berry Family Services, Rockwall County

Breach Type – Hacking, Ransomware

Beckers Hospital Review
September 27th, 2019

Health services provider attacked with ransomware, locked network from access
Attack encrypted over 1,700 patients' information
Data exposed likely included names, addresses, dates of birth, Social Security numbers, and other health related information

Wise Health, Wise County

Breach Type - Phishing, Other

Data Breaches
July 18th, 2019

It has been noted that this attack has impacted over 35,000 patients
Employees had fallen victim to a phishing attack on their systems giving login credentials to the hackers
Hackers were able to use the information to attempt attacks on payroll systems to try to divert funds

EmCare, Dallas County

Breach Type - Phishing, Data Breach

PR News Wire
April 20th, 2019

Hackers were able to gain access to several employee emails
EmCare victim of cyber attack that gained access to employees' email accounts
Personal information, including patient and contractor information, was likely accessed
EmCare unable to determine if information was misused by unauthorized party

Weslaco Regional Rehabilitation Hospital, Hidalgo County

Breach Type - Phishing, Data Breach

Valley Morning Star
April 9th, 2019

The hospital had noticed that several employee email accounts were compromised
Sensitive patient information had been exposed such as social security, date of birth, patient info, and more
Patients are being contacted following the exposure with notifications of exposure and who to contact

Baylor Scott & White Medical Center, Collin County

Breach Type - Hacking, Data Breach

Becker's Hospital Review
December 11th, 2018

Vendor for Baylor Scott & White Medical Center suffered cyber attack
Cyber attack may have compromised 47,000 patients or guarantors
Credit card information compromised in attack
Hospital’s information and clinical systems remain unaffected

Altus Baytown Hospital, Harris County

Breach Type - Hacking, Ransomware

Data Breaches
November 8th, 2018

Unauthorized party gained access to computer systems at Altus Baytown Hospital
Malware encrypted ABH’s records making them inaccessible, to extort money from ABH
The ransomware variant, known as Dharma, encrypted backup files
Files were successfully decrypted & all files could be restored

NorthStar Anesthesia, Dallas Co.

Breach Type - Phishing, Data Breach

Data Breaches
July 21st, 2018

Phishing scheme targeted NorthStar employee credentials
Hackers gained access to sensitive patient data
Offered Identity Protection & Restoration services for up to two years

Hunt Regional Medical Center, Hunt Co.

Breach Type - Phishing, Other

DataBreaches
July 14th, 2018

Hunt Regional employee email compromised by hackers
Patient PHI potentially exposed in data breach
Hunt offering free identity protection services to those affected

UMC Physicians (UMCP), Lubbock Co.

Breach Type - Hack/Data Breach

KCBD
July 12th, 2018

UMC Physicians' employee email account hacked
Hackers gain access to private information of 18,000 patient
UMCP offering identity protection services to those potentially affected

Texas Health Resources

Breach Type - Hack

Data Breaches
April 4th, 2018

Hackers infiltrate employee email accounts
Texas health notified patients, from 2017, on potentially compromised data
Offered free credit monitoring as precaution

Nuance Dragon, San Antonio Area Hospitals, Bexar Co.

Breach Type - Ransomware

Texas Public Radio
June 28th, 2017

Ransomware variant known as WannaCry disabled dictation service from Nuance Dragon
Methodist Healthcare facilities, Baptist Health System, & CHRISTUS health all affected in attack
Attack created additional work for staff, leaving little time for daily patient care

Hill Country Memorial Hospital

Breach Type - Phishing

Becker's Hospital Review
February 21st, 2017

Hackers gained access to employee email through phishing scheme
The attack aimed to infiltrate Hill Country's payment department
No evidence has surfaced that any sensitive data was compromised
As precaution, Hill Country offering one year of free credit monitoring

ABCD Pediatrics

Breach Type - Ransomware

Bank Info Security
February 6th, 2017

Though files were encrypted, no ransom was demanded
Systems infected with variant of CriSiS ransomware known as "Dharma"
Anti-virus software significantly slowed malware & servers were taken offline
Massive data breach followed attack as hacker potentially viewed 55,447 sensitive files
Incident reported to the FBI and the Department of Health and Human Services

Seguin Dermatologist's Office

Breach Type - Ransomware

Express News
November 11th, 2016

Dermatologist stated his office computer was attacked with ransomware
Hackers potentially accessed all sensitive information on Seguin servers
Seguin offered free identity protection services to its patients

Rainbow Children's Clinic

Breach Type - Ransomware

Data Breaches
October 17th, 2016

Computers taken offline during ransomware infection
Rainbow Children's Clinic hires third-party investigator to analyze data at risk
All patients' data potentially breached
Rainbow notified all patients, offered free credit monitoring & identity theft protection services
Notified HHS of incident affecting 33,368 patients

Titus Regional Medical Center

Breach Type - Ransomware

Becker's Hospital Review
January 29th, 2016

Hackers encrypted Titus Regional database servers
Employees could not access EMR and interdepartmental orders
Titus holds no reason to believe data has been breached
Reverted to paper documentation while restoring servers

Education

Lake Dallas Independent School District notifies 21,982 Texans of breach, Denton County

Breach Type – Unknown, Ransomware

DataBreaches.net
May 4th, 2023

”In April, the Royal ransomware gang added Lake Dallas Independent School District in Texas to its leak site. Quoting the district’s description of itself, the attackers commented: Lake Dallas Independent School District has a vibrant, growing student population, an excellent array of programs, a strong curriculum, and a progressive, innovative atmosphere. Seems like everything is on the best level but its not. Gygabytes of students’ and their staff personal information is not a thing to worry about. A few hundreds of SSNs and array of passport information will be available here on Monday. This is the result of being non-progressive in cybersecurity.”
”But no data was provided as any proof of claims, and by May 4, no data had been leaked.”
”The district provided notification to the Texas Attorney General’s Office that 21,982 Texas residents had been affected by a breach and that individuals were being notified by U.S. mail. The types of information involved included: Name of individual; Address; Social Security Number Information; Driver’s License number; Government-issued ID number (e.g. passport, state ID card); Financial Information (e.g. account number, credit or debit card number); Medical Information; Health Insurance Information”

Our Lady of the Lake hit by cyberattack; victims say hackers got Social Security and other data, Bexar County

Breach Type – Hacking, Data Breach

DataBreaches.net
March 24th, 2023

"A cyberattack on Our Lady of the Lake University’s computer network compromised personal data on its faculty, students and even individuals who applied to the university but never attended..”
”The private Catholic university on San Antonio’s West Side this week confirmed that it recently found evidence that “unauthorized access” to its network occurred about Aug. 30 and that “a limited amount of personal information was removed.”
“It declined to detail the types of information taken.”

Another Texas school district with a data breach?, Tarrant County

Breach Type – Unknown, Ransomware

DataBreaches.net
February 28th, 2023

“LockBit has added White Settlement Independent School District in Texas to their leak site, with a proof pack that suggests that the threat actors were able to access — and may have exfiltrated — a lot of files."
“White Settlement ISD was recently informed by Homeland Security that the district experienced a possible cyberattack. District officials immediately began security intrusion prevention. Upon further investigation and security scans, WSISD determined that Skyward/Gradebook and Canvas were not compromised. The district discovered that the only compromised documents belonged to some staff members and were housed in a shared folder."
”Prior to this incident, WSISD had taken numerous cybersecurity measures to protect student and staff data. In the event that the district finds that your information was compromised, district officials will contact you. We will continue to work closely with several agencies to ensure that there are no future vulnerabilities.”

DA’s office probing San Benito security breach, San Benito County

Breach Type – Hacking, Data Breach

MYRGV.com Local News
December 21st, 2022

“Authorities are investigating a cyber extortion hacking group’s breach of the San Benito school district’s technology system which led to the theft of as many as 30,000 employees’ and students’ confidential information."
“On Wednesday, Cameron County District Attorney Luis Saenz confirmed the Karakurt group is behind the cybersecurity breach believed to have occurred about Nov. 1."
"Saenz said the breach led to the theft of 25,000 to 30,000 district employees’ and students’ confidential information.”

TX: Tuloso-Midway Independent School District discloses March 2022 data security incident, Nueces County

Breach Type – Unknown, Data Breach

DataBreaches.net
November 17th, 2022

”Tuloso Midway Independent School District in Nueces County, Texas, has slightly under 3,900 students. A notice posted on their website yesterday explained that on March 16, 2022, one employee’s email account was accessed without authorization. The statement does not reveal when the district first discovered the incident or how it was discovered.”
"On October 25, investigators confirmed that the account contained some personal information. The notice did not reveal how many individuals may have had their personal information exposed. The district stated they could not confirm the use or disclosure of any data, only that it was potentially exposed. The potentially exposed data included individuals’ names and driver’s license numbers. No mention was made of any student data being potentially exposed.”
”A report the district filed with the state attorney general’s office today creates a somewhat different impression of the incident. According to the state’s public breach listing, the Tuloso Midway ISD incident potentially affected 2,311 Texas residents and involved the following types of data elements: Name of individual; Social Security Number Information; Driver’s License number; Government-issued ID number (e.g. passport, state ID card); Financial Information (e.g. account number, credit or debit card number); Medical Information; Health Insurance Information; Other”

Mansfield ISD Hit with Ransomware attack, district says, Tarrant County

Breach Type – Hacking, Ransomware

WFAA-TV ABC
August 22nd, 2022

"The Mansfield Independent School District has been hit with a ransomware attack that's affected many of the district's systems, officials said Monday night."
"The attack caused an outage of systems that used internet, such as the website, email and phone systems, according to the district."
"Officials added that the attack affected the district's visitor and volunteer management systems, which means that the district has to suspend campus visitors for the time being."

Dallas Independent School District reveals breach, but details are still missing, Dallas County

Breach Type –Unknown, Data Breach

DataBreaches.net
September 3rd, 2021

"The Dallas Independent School District recently received notice of a data security incident involving the district’s electronic records that may affect former and current students, alumni, parents, and district employees."
"At this time, it appears the affected information has been contained and that none of it has been shared or sold."
"The incident reportedly potentially affects anyone who was a student, contractor, or employee between 2010 and the present. The data types involved were described as:or some current and former employees/contractors: first and last name, address, phone number, social security number, date of birth, dates of employment, salary information, and reason for ending employment. For some current and former students: first and last name, social security number, date of birth, parent/guardian contact information, and grades. For a subset of students, custody status and/or medical condition was also exposed."
"This incident has not appeared on any of the leak sites maintained by dozens of threat actors, forums, or markets…"

Over 26,000 Impacted by Ransomware at Texas School District

Breach Type – Unknown, Ransomware

Government Technology
June 25th, 2021

Judson Independent School District's computer and communication systems remained paralyzed Thursday as staffers scramble to understand the extent of a ransomware attack detected a week earlier.
District officials weren't disclosing what information the cyberattack compromised but acknowledged that Judson computers, telephones and e-mail services were still down.
Judson is working with local, state and federal authorities.

Somerset ISD, Bexar County

Breach Type – Unknown, Ransomware

Data Breaches
February 9th, 2021

The school district was reportedly attacked by Avaddon threat actors
There have been no public statements released about the attack regarding the information posted online
Bad Actors dumped an archive with 1,520 files in 27 folders uncompressed the data equaled about 3 GB of data

Socorro Independent School District, El Paso County

Breach Type – Unknown, Malware

KVIA
December 11th, 2020

The Socorro School District was victim of cyber attack
In a public release a spokesman stated that the IT department was prompted to take down network as a precaution
There is no sign that data was compromised however a data breach remains an ongoing concern

Weslaco Independent School District, Hidalgo County

Breach Type – Hacking, Ransomware

Valley Central
December 14th, 2020

School district was victim of ransomware cyberattack
Federal law enforcement assisted investigation
Classes were disrupted, officials remained unsure of extent of damage

Skidmore-Tynan Independent School District, Bee County

Breach Type – Unknown, Malware

Kristv
September 17th, 2020

Administrators report that they have reached out to the FBI in response to cyber attack
All windows devices have to be investigated following attack
Cybersecurity has been aiding process and has taken preventative measures

Athens Independent School District, Henderson County

Breach Type – Unknown, Ransomware

WFAA
August 1st, 2019

Following ransomware cyberattack, school district was forced to delay school start
School board voted to pay $50,000 ransom to bad actors
Officials believed personal information remained intact

Sheldon Independent School District, Harris County

Breach Type - Unknown, Ransomware

Data Breaches
August 1st, 2020

The district was attacked by Pysa ransomware, a variant of Mespinoza ransomware
Ransom demanded was over $350,000 and was not fully covered under cyber insurance policy
Information exposed generally consisted of demographic statistics and did not contain social security information

San Felipe Del Rio CISD, Val Verde County

Breach Type - Phishing, Other

Data Breaches
February 25th, 2020

Bad actors used phishing scheme in cyberattack
Funds were mistakenly transferred to fraudulent account
Law enforcement assisted with investigation

Fort Worth ISD, Tarrant County

Breach Type - Unknown, Malware

CBS Local
March 4th, 2020

School district hit in malware cyberattack
Officials believed IT personnel protected private information
Federal and local law enforcement were notified of the attack

Manor Independent School District, Travis County

Breach Type – Phishing, Other: Funds Stolen

NY Daily News
January 12th, 2020

Phishing cyberattack used to steal over $2 million
Federal and local law enforcement sought public's help
School system consisted of over 9,600 students

Port Neches-Groves Independent School District, Jefferson County

Breach Type – Unknown, Ransomware

The Port Neches News
November 12th, 2019

School district network taken out in ransomware cyberattack
Officials stated that all files had been encrypted and held for ransom
No personal information was affected in the attack

Sul Ross University Rio Grande College, Uvalde County

Breach Type - Unknown, Ransomware

In4Mate
June 24th, 2019

According to released information the college was hit with an attack on June 24th
No private information was compromised following the attack, the situation was still being assessed
All systems and services were rendered inoperable until further notice meaning no online networking

San Benito Consolidated Independent School District, Cameron County

Breach Type - Phishing, Other

Valley Morning Star
March 29th, 2019

Several departments prevented fraudulent transfers after irregularities were noticed
A school employee was directed to a fraudulent website that acted as the official banking website
To prevent this in the future employees will be trained and several protocols will be put in place

Crosby Independent School District, Harris County

Breach Type - Ransomware

CHRON
February 4th, 2019

Parents and staff were notified of ransomware within district’s IT systems
Schools were left with no access to technology until attack was resolved
Visitors were no longer allowed into schools due to downed screening procedures

Henderson Independent School District, Rusk County

Breach Type - Phishing, Other

Tyler Paper
October 12th, 2018

Cyber criminals steal over $600,000 from Henderson ISD
The district fell victim to a sophisticated phishing scam
Funds mistakenly transferred to a fraudulent account

Dallas County Community College, Dallas County

Breach Type - Phishing, Data Breach

NH Office of Attorney General
August 17th, 2018

Hackers accessed employee email account
Investigation launched & account secured
Private information of Dallas County Community members potentially exposed

Victoria Independent School District

Breach Type - Hack

DataBreaches
April 18th, 2018

Victoria Independent School District employee email accounts hacked
Email accounts stored private employee data
District resetting email account credentials & implementing two factor authentication as precaution

Ben Bolt Independent School District

Breach Type - Phishing

KIII TV
March 28th, 2017

Ben Bolt Independent School District targeted in spear-phishing scheme
Hackers posed as district superintendent
Employee emailed W-2 information to hacker
District immediately notified potentially affected individuals
Sheriff's department offered further assistence to district employees

Rockdale Independent School District

Breach Type - Phishing

KVUE
March 2nd, 2018

Rockdale Independent School District falls victim to phishing scheme
Several employees' taxes falsely filed by hackers
Employee forwarded valuable tax information to false superintendent

Tyler Independent School District

Breach Type - Phishing

KLTV
March 1st, 2017

Employee fell victim to phishing scam involving employee W-2 information
District sent letters to its employees, notifying them of the breach
School providing free credit monitoring and restoration services

Abernathy Independent School District

Breach Type - Phishing

Everything Lubbock
February 24th, 2017

Abernathy Independent School District falls victim to spear-phishing scheme
Employee responded to phishing email, sent W-2 information of district employees to hackers
District immediately reported to the IRS, FBI, and State Taxing Authorities

Mercedes Independent School District

Breach Type - Phishing

The Monitor
January 30th, 2017

W-2 information of employees sent in phishing scam
District instructed potentially affected to take steps in safeguarding data
950 employees affected in scheme

Belton Independent School District

Breach Type - Phishing

kcenTV
January 27th, 2017

Belton Independent School District fell victim to spear-phishing scheme
Employee W-2 information exposed, sent to hackers
District offered free credit monitoring through Experian
Over 1,700 potentially affected District employees

Argyle Independent School District

Breach Type - Phishing

NBCDFW
January 16th, 2017

Argyle Independent School Distract fell victim to spear-phishing scheme
Hacker posed as district Superintendent
2016 W-2 forms sent by employee
The district deeply regrets incident & will notify potentially affected individuals

Northeast Independent School District

Breach Type - Ransomware

Data Breaches
April 7th, 2016

Northeast Independent School district fell victim to ransomware attack
District did not pay ransom
No sensitive information compromised during attack
Three separate ransomware attacks took place in span of 3 months
Little data lost – thanks to backups

Corsicana Independent School District

Breach Type - Phishing

Corsicana Daily Sun
February 1st, 2016

Corsicana Independent School District fell victim to spear-phishing scheme
Employee sent all 2016 W-2 forms to hacker
IRS & state taxing agencies notified TX school district of phishing scam
Corsicana notified local authorities and FBI

Texas Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in
9-1-1 Cyber News?

Follow Us!

Texas Cyber Attacks

Infrastructure Affected

Public Safety

Government

Medical

Education

Public Safety

Local Government

Medical

Education

Want the latest in9-1-1 Cyber News?

Follow Us!

Want the latest in
9-1-1 Cyber News?