Texas Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Texas.jpg
 

Public Safety

MedStar 911 dispatch, patient care reporting systems disrupted after cyberattack, officials say, Tarrant County

Breach Type – Unknown, Data Breach

WFAA News

  • "MedStar’s 911 computer-aided dispatch and patient care reporting systems were affected in a cyberattack Thursday, officials say.”
  • ”MedStar spokesperson Matt Zavadsky says systems are currently being “diligently scrubbed and methodically being placed back online,” after the attack on the computer network was detected this morning.”
  • “At this time, there are no EMS service interruptions, but Zavadsky says employees were doing manual radio dispatching until they were confident the systems were secured. MedStar said it does not have any evidence indicating there was a breach of patient or 911 records.”
Read More

 
1.8 TB of Police Helicopter Surveillance Footage Leaks Online, Dallas County

Breach Type – Hacking, Data Breach

Wired.com

  • “…newly leaked aerial surveillance footage from the Dallas Police Department in Texas and what appears to be Georgia's State Patrol underscore the breadth and sophistication of footage captured by another type of aerial police vehicle: helicopters.”
  • “The…group Distributed Denial of Secrets, or DDoSecrets, posted a 1.8-terabyte trove of police helicopter footage to its website on Friday. DDoSecrets cofounder …says that her group doesn’t know the identity of the source…The source simply said that the two police departments were storing the data in unsecured cloud infrastructure.”
  • “The vast majority of the leaked footage appears to come from the Dallas Police Department. In response to three screenshots from the leak, DPD public information officer Brian Martinez wrote in an email that “the pictures show screenshots of video from the department helicopter.”
Read More

 
The Austin Regional Intelligence Center, Travis County

Breach Type – Hacking, Data Breach

Wired

  • Over one million sensitive law enforcement files were released following cyberattack
  • Bad actors dumped a collection of 269 gigabytes of data
  • Officials advised that much of the information originated in law enforcement fusion centers
Read More

 
University of Texas at Arlington Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Irving Law Enforcement Officer Data, Dallas County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Arlington Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Fort Worth Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Saginaw Law Enforcement Officer Data, Tarrant County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Tarrant County Constables, Tarrant County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Fort Worth Federal Marshals, Tarrant County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Texas Department of Public Safety, Travis County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Hood County Sheriff’s Office, Hood County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Memorial Villages Police Department, Harris County

Breach Type – Hacking, Data Breach

Governing

  • 200 police departments were victim of massive data breach
  • Cyberattack revealed detailed private information such as names, phone numbers, addresses
  • Bad actors gleaned potentially-damaging information from thousands of homes
Read More

 
Cooke County Sheriff's Office, Cooke County

Breach Type – Unknown, Ransomware

Gainesville Daily Register

  • Sheriff's office was victim of Independence Day cyberattack
  • Bad actors shared screenshots of sensitive data on the dark web
  • Hackers threatened to release the data within seven days
Read More

 
City of Austin Government & Police Department Websites, Travis County

Breach Type – Hacking, Other

KXAN

  • City government website was taken out in cyberattack
  • Austin police department's systems remained operational
  • Hacker group Anonymous laid claim to the defacement
Read More

 
City of Robstown Police Department, Nueces County

Breach Type – Hacking, Ransomware

Caller

  • Robstown Police Department victim of ransomware cyber attack, among 22 others hit across Texas
  • IT officials confirmed that the majority of ransomed data had been recovered
  • Data taken included evidence such as videos and photos, in addition to reports for investigations
Read More

 
Vernon Police Department, Wilbarger County

Breach Type – Unknown, Ransomware

Texomas

  • Vernon Police Department among victims of Texas-wide ransomware attack
  • Vernon Police Chief stated that the shutdown made the department revert to older record-keeping methods
  • Department's master main files were unavailable and officers were required to take extra time filing paper reports
Read More

 
Graham Police Department, Young County

Breach Type – Unknown, Ransomware

Graham Leader

  • Graham Police Department was among more than 20 agencies attack with ransomware in Texas
  • Texas DIR believed only a single bad actor had been involved in the coordinated attacks
  • Young County Sheriff confirmed that one of GPD's servers had been taken out with another being ransomed for $5,000,000
Read More
Graham Leader

  • IT officials confirmed that the ransomware attack came through an outdated server
  • IT officials further stated that they had just recently installed antivirus software which helped mitigate the attack
  • GPD servers were kept offline while the IT department further analyzed the attack
Read More

 
Bonham Police Department, Fannin County

Breach Type – Unknown, Ransomware

KXII

  • Bonham Police was among 22 other victims in coordinated ransomware cyber attack in Texas
  • Bonham Police Chief confirmed department had been hit in attack
  • Officials confirmed that personal information had not been compromised
Read More

 
Robertson County Sheriff's Office, Robertson County

Breach Type – Unknown, Ransomware

KBTX

  • Sheriff's Office victim in cyber attack that hit more than 20 entities in Texas
  • Officials advised that computers remained unaffected and that impact was minimal
  • Officials did not state whether a ransom had been paid to the attackers
Read More

 
City of Wilmer & City of Wilmer Police Department, Dallas County

Breach Type – Unknown, Ransomware

CBS Local

  • IT experts worked around the clock to restore the Police Department, Water Department, and Library systems
  • The city of Wilmer is only just one of many cities facing a widespread ransom attack encrypting all files
  • It was estimated that restoration of nominal operations could be weeks away
Read More

 
Jackson County Government Systems, Jackson County Sheriff’s Office

Breach Type - Phishing, Ransomware

Victoria Advocate

  • Services were still down to using pen and paper following the cyber attack holding their systems for ransom
  • It is assumed that the hackers were able to gain access through a phishing scheme, they were unwilling to pay ransom
  • As other options are being looked into the Sheriff’s office had continued to rely on pen and paper reports
Read More

 
Potter County Government Systems, Potter Co.

Breach Type - Unknown/Malware

My High Plains

  • Potter county is working to remove a virus that hit its systems
  • Data is left encrypted after the attack, early voting is not affected and will continue as normal
  • The district has made efforts to isolate the virus so that it doesn’t spread
Read More
ABC7

  • Employees were left to pen and paper as the virus continued to spread
  • Normal systems are left compromised as cases are left untouchable as systems remain down
  • The sheriff’s office has to rely on other centers to run plate checks as other information is left to pen and paper
Read More
My High Plains

  • Potter County, Texas victim of long-term damaging ransomware cyberattack
  • Sheriff's office lost data from December 2017 on
  • Officials believed affected offices back to normal
Read More

 
Fisher County Sheriff’s Office, Fisher County

Breach Type - Phishing, Ransomware

Double Mountain

  • The sheriff’s office fell victim to a phishing attack on their email systems
  • Several files were held in ransom kept out of reach for the sheriff’s office
  • No demands were paid and the full damage of the attack is being looked into
Read More

 
City of Lancaster Emergency Outdoor Warning Sirens, Dallas County

Breach Type - Hacking, Other

Dallas News

  • Officials state hacker activated tornado warning sirens within the city
  • Incident initially described as a malfunction, discovered to be person with hostile intent
  • City officials advised that technical experts would be consulted, law enforcement investigating
Read More

 
Bexar County Sheriff’s Office, Bexar County

Breach Type - Hacking, Other

Fox San Antonio

  • FBI appeared at Bexar Jail after it appeared to be hacked
  • Several thousand pieces of hardware were checked for any evidence of tamper
  • Almost 40,000,000 files have been scanned
Read More

 
Lamar County Sheriff's Department, Lamar County

Breach Type - Hacking, Ransomware

ZD Net

  • The malware infiltrated through remote desktop in a series of attacks
  • Services were down for the Sheriff’s office
  • Stored data became encrypted from the ransomware
Read More

 
City of Dallas & Dispatch System

Breach Type - Virus

Dallas News

  • Virus slowed down/shut down multiple city services
  • Impacted Computer Aided Dispatch system
  • Outages continued for 2 days – dispatch restored at 5:30pm the first day
Read More

 
Columbus Police Department

Breach Type - Hack

Colorado County Citizen

  • Catastrophic computer failure as servers went down
  • Affected in-car & body camera system, internal/external email, & accident reporting system
  • Columbus did not have its own IT contractor prior to incident
  • Implementing security measures as precaution
Read More

 
Malfunction of 156 Outdoor Dallas sirens

Breach Type - Hack

Route 50

  • 911 systems flooded with phone calls
  • Hack came from within Dallas
  • Public announcement to citizens advising not to call 911 about siren concern
Read More

 
Cockrell Hill Police

Breach Type - Ransomware

WFAA 8

  • Lost video evidence and a cache of digital documents
  • No files/confidentials were breached to an outside source
  • Malware originated from Russia or Ukraine
  • Demanded $4000 in bitcoin
  • Department did not pay ransom after consulting with the FBI
Read More

 
Palm Hill Police Department

Breach Type - Ransomware

KRGV

  • Years’ worth of data on the line
  • $250 ransom
  • Moved files before permanently losing data
Read More

 
BACK TO TOP

Local Government

Dallas Central Appraisal District hacked, down for days, Dallas County

Breach Type – Hacking, DoS

The Real Deal

  • ”The Dallas Central Appraisal District’s website has been down for at least two days since it was hacked this week. The website, dcad.org, serves the Dallas County tax-assessor’s office and experienced a cyberattack that shut it down for the time being, D Magazine reports."
  • "The appraisal district doesn’t know who executed the attack or whether it was foreign or domestic, Cheryl Jordan, director of DCAD community relations, told the publication.”
  • ”The website contains publicly available property valuations and plat maps for all of Dallas County, in accordance with state law.”
Read More

 
City of Huntsville addresses Cyber Security Incident, Walker County

Breach Type – Other, Data Breach

The Huntsville Item

  • “The City of Huntsville reported a Cyber Security Incident on Friday that impacted multiple systems. According to a press release issued at noon Monday, the City took "immediate steps to protect our environment, including disconnecting certain functionality to protect against any further harm."
  • ”"The investigation is in its early stages and ongoing," said City Manager Aron Kulhavy. "Our goals right now are to remove any and all infections from our systems, make sure all devices are clean, and restore functionality. We are working as quickly as we can to determine the scope and impact of the incident."
  • “The Huntsville Police Department has posted to their social media sites that computers are still down and unable to produce accident reports due to the network issues. Instead, citizens are directed to the Texas Department of Transportation’s website C.R.I.S. Purchase that allows citizens to find their crash reports.”
Read More

 
DeWitt County loses over $300k to cyber scam

Breach Type – Phishing, Other

Victoria Advocate

  • “… a county employee responded to an email June 14 in which a scammer, posing as a court-approved vendor, asked to change bank account information. The change affected where future payment of the vendor's invoices were sent.”
  • “On July 5, the press release said, the county auditor became aware the electronic payment was made to an unverified account. Further inquiry revealed the vendor had not received any recent payments.”
  • “The $305,301.75 payment was made to a Bank of America bank account, County Judge Daryl Fowler said. The funds were then wire transferred to institutions outside of the United States…”
  • “She did note that the systems hit by the attack are not ones that control the operation of the sewage system.”
  • "Most of the money will be recovered through a cyber-scam insurance payment to DeWitt County of $250,000, Fowler said.”
Read More

 
Brooks County pays off hacker with tax dollars after ransomware

Breach Type –Hacking, Ransomware

KZTV 10

  • "A recent ransomware attack on Brooks County’s Justice of the Peace and district courts, and finance department, cost it more than $37,000."
  • "The attack took place after an employee opened an email containing a link that allowed someone to hack their system."
  • "The only data that we had that wasn’t backed up was in our auditor's office, where we have our financial software.”
  • "The hacker demanded Brooks County pay them $93,000, but county commissioners negotiated with the hacker and eventually agreed to pay less than half that amount."
Read More

 
Guadalupe County investigating potential network breach

Breach Type – Phishing, Malware

Seguin Gazette

  • “On Saturday, the county became aware of a network disruption impacting operations, Guadalupe County Emergency Management Coordinator Patrick Pinder said in a new release on Monday. Experts were investigating what happened and determining how bad it was, he said.”
  • “The Guadalupe County Sheriff’s Office, Emergency Management and information technology crews are helping with the investigation, Kutscher said. They notified the Texas Secretary of State’s office, the state’s office of court administration, the Department of Information Resources and other law enforcement agencies at the local, state and federal level to help…”
  • "The issue began when county email services were not functioning properly, Kutscher said. Guadalupe County has safety precautions built into its systems that ceases operations when abnormalities are detected, he said.”
  • “As of Monday evening, the county had discovered no evidence that any personal identifying information had been accessed or acquired. While things are being investigated, most of the county’s email addresses are being taken offline, Kutscher said. But a secure email address is in place for people in the public who have questions, he said.”
Read More

 
City of Amarillo thwarts cyberattack: no data lost, no ransomware deployed, Potter County

Breach Type – Hacking, Ransomware

ABC 7 Amarillo

  • “A cyberattack on the City of Amarillo was successfully thwarted over the weekend.”
  • ”According to the City, there is no evidence of a data breach at this time and no ransomware deployed.”
  • ”Due to the City of Amarillo’s identification and quick containment actions, it appears that they prevented any destructive code from executing,” said Kevin Walsh, Senior Consultant SecureWorks. “Without these actions, this could have been a far more devastating situation.”
  • ”As a precaution, the City’s email system will be offline until the IT department determines if was not affected by the attempted cyberattack.”
Read More
ABC 7 Amarillo

  • ”The City of Amarillo’s systems are fully back up and running after they identified what they called unusual behaviors on an IT system.”
  • ”On Friday at noon, there were signs of a potential attack. By 2 PM all external connections were shut down as a precaution.”
  • ”Gagnon explained this was a ‘zero-day attack,’ unlike an email with a virus infected link, it’s a new more sophisticated approach.”
  • ”…the minute we have an incident like this, I report it to the Criminal Justice Information System. I brought an outside incident team that’s not City of Amarillo staff.”
Read More

 
Bexar County Appraisal District hit by ransomware attack, working to restore systems, Bexar County

Breach Type – Unknown, Ransomware

FOX San Antonio

  • “The Bexar County Appraisal District said around 10 a.m. on Sunday, they were hit by a ransomware attack, which prompted mitigation efforts soon after.”
  • “They notified the FBI and the district's staff has been hard at work to restore all of their systems. The district's statement said that "initial forensics reveal that the systems were partially affected and damaged files are currently being restored.”
  • “The property records database was not encrypted from the attack. At this time, we are still in recovery mode and full assessments are ongoing. We are working to restore functionality as fast as possible; however, it may take a couple of days to restore full functionality."
Read More

 
Hackers breached computer network at key US port but did not disrupt operations, Harris County

Breach Type – Hacking, Other

CNN

  • "In the case of the Port of Houston, the unidentified hackers broke into a web server somewhere at the complex using a previously unidentified vulnerability in password management software at 2:38 p.m. UTC on August 19, according to the Coast Guard report. The intruders then planted malicious code on the server, which allowed further access to the IT system.”
  • “Beginning about 90 minutes after the initial breach, the hackers stole all of the log-in credentials for a type of Microsoft software that organizations use to manage passwords and access to their networks, according to the report. Minutes later, cybersecurity staff at the port isolated the hacked server, "cutting off unauthorized access to the network," the advisory said.”
  • “A handful of security incidents in recent years have prompted US officials to focus more on maritime cybersecurity.”
  • ”The Port of Houston is a 25-mile-long complex through which 247 million tons of cargo move each year, according to its website.”
  • “It's unclear who was behind the breach, which appears to be part of a broader espionage campaign.”
  • Read More

 
Texas Health and Human Services Commission and Texas Medicaid, State of Texas

Breach Type – Phishing, Data Breach

Dallas News

  • A medicaid subcontractor for the state of Texas experienced a breach exposing tens of thousands of residents
  • The final report about the incident stated that information exposed included names, addressees, dates of birth, social security numbers, and more
  • In an attempt to restore the systems BRSI paid ransom to bad actors
Read More

 
City of Austin, Travis County

Breach Type – Hack, Data Breach

The Virginian-Pilot

  • City government advised that federal authorities helped investigation
  • Bad actors are believed to have origins in Russia
  • Officials advised that personal information and critical systems remained intact
Read More

 
Snyder City Hall, Scurry County

Breach Type – Unknown, Ransomware

Everything Lubbock

  • City hall forced to close following ransomware cyberattack
  • Officials stated they couldn't accept payments at time of attack
  • IT director advised that city's security efforts are always changing
Read More

 
Arkansas and Bowie County systems, Arkansas and Bowie County

Breach Type – Unknown, Ransomware

TXK Today

  • City government was victim of ransomware cyberattack
  • Several agencies were affected, including courts
  • Outage increased wait times and left some services unavailable
Read More
ArkLaTex

  • Bowie County is about two weeks away from a full recovery, and that officials opted not to pay the ransom
  • County had cyber liability insurance that covered ransomware, but official were quoted as not wanting to reward bad behavior by paying the ransom
  • County operations were compromised for about six weeks with no major loss of information expected
Read More

 
Parker County Systems, Parker County

Breach Type – Unknown, Malware

Weatherford Democrat

  • Parker County discovered they were impacted by computer security incident
  • The discovery prompted IT staff to quickly isolate the compromised systems to limit the spread of the attack
  • Parker County and supporting organizations are investigating the origins of this attack, however response and recovery are the county's top priorities at this time
Read More

 
City of Odessa, Midland County

Breach Type – Unknown, Data Breach

CBS 7

  • City was victim to cyber attack through exploit in web payment portal
  • Breach only affected online users in payment system with Click2Gov
  • City is looking at a new payment system through different web portal provider
Read More

 
Town of Hollywood Park, Bexar County

Breach Type – Phishing, Malware

KSAT

  • Bad actors attempted to steal nearly half a million dollars from the town
  • Two fraudulent wire transfers were taken from the city's funds
  • A trojan type virus was primarily the reason for this attack that was downloaded in phishing scam
Read More

 
George W. Bush Presidential Center, Dallas County

Breach Type – Unknown, Data Breach

Daily Wire

  • The center was notified by its cloud based data management service that a ransom was paid to regain access to the centers data
  • Due to the nature of the attack the center believes that the data was not misused
  • The cloud service released public notice of the potential exposure in good faith that the data is not being used in bad motives
Read More

 
City of Austin, Travis County

Breach Type – Unknown, Malware

KXAN

  • The attack was claimed by hacker group Anonymous stating they were the ones to take the website down
  • Following the attack the website was put back online stating that systems were functioning like normal again
  • Authorities are led to believe there will be further instances of attacks like these
Read More

 
City of Garrison, Nacogdoches County

Breach Type – Unknown, Ransomware

KTRE 9

  • Officials believed local city and county hit in cyberattack
  • School district had hundreds of computers affected
  • Third party investigators were brought onboard to assist
Read More

 
City of Port Lavaca, Calhoun County

Breach Type – Unknown, Ransomware

Victoria Advocate

  • Bad actors utilized ryuk ransomware in cyberattack
  • At last report, city had $50,000 repair bill
  • Officials confirmed files were encrypted and unaccessible
Read More

 
Department of Transportation, State of Texas

Breach Type – Unknown, Ransomware

KBTX-TV3

  • Texas DoT website and servers taken out in cyberattack
  • Bad actors utilized ransomware in hit on services
  • State and federal law enforcement investigated
Read More

 
Office of Court Administration, State of Texas

Breach Type – Unknown, Ransomware

AbaJournal

  • Ransomware used in cyberattack that hit Texas courts
  • Officials confirmed they would not pay the ransom
  • Press release indicated sensitive information remained intact
Read More

 
Grayson County Government Systems, Grayson County

Breach Type - Unknown, Ransomware

KTEN

  • Emergency services remained unaffected after ransomware cyberattack
  • County officials reached out to state agency for assistance
  • Voting and elections processes remained unimpacted
Read More

 
Public Utility Commission of Texas (PUCT) website, State of Texas

Breach Type – Hacking, Other: Website Defacement

Electric Choice

  • Texas Public Utility Commission was victim of cyberattack
  • Officials confirmed that no permanent damage had been done
  • Personal or confidential information was not stolen
Read More

 
Burnet County Government Systems, Burnet County

Breach Type – Unknown, Ransomware

Highland News

  • Burnet County among several localities hit in cyberattack
  • Bad actor's utilized ransomware to breach servers
  • Attack happened prior to Christmas
Read More

 
Texas Department of Agriculture, State of Texas

Breach Type – Hacking, Other: Website Defacement

Gov Tech

  • State agency's website defaced by bad actors from Iran
  • Officials advised that several attempts were traced to Middle East
  • Spokesperson stated that the cyberattack wasn't a hack
Read More

 
City of Ingleside, San Patricio County

Breach Type – Unknown, Ransomware

KIIITV

  • Ransomware attack left the city without internet and its servers forcing them to remain down during repairs
  • The affected computers are remaining offline until they are fully scanned for threats before being brought back online
  • Only the city hall, library, and annex are able to receive phone calls at time of repairs
Read More

 
City of Odessa, Midland County

Breach Type – Hacking, Data Breach

Data Breaches

  • Hacking incident that happened over the course of a month was discovered
  • Resident credit and debit card information was likely leaked
  • Officials sent letters to customers that were affected in the attacks
Read More

 
City of Waco, McLennan County

Breach Type – Hacking, Data Breach

WacoTrib

  • Credit card information likely stolen from city servers
  • Over 8,000 residents were notified of the breach
  • Officials advised citizens to monitor financial information
Read More

 
City of Waco, McLennan County

Breach Type – Hacking, Superion Breach

WacoTrib

  • City and its water customers were victims of cyberattack
  • Over 2,500 online billing records were discovered for sale
  • Officials worked closely with vendor Click2Gov to correct problem
Read More

 
City of Sugar Land, Fort Bend County

Breach Type – Hacking, Data Breach

Chron

  • City in Texas was one among multiple cities affected by Click2Gov cyberattack
  • Officials forced to utilize different payment system going forward
  • City was unaware of how large the breach was until almost two months later
Read More

 
City of Fort Worth, Tarrant Co.

Breach Type – Hacking, Data Breach

Star Telegram

  • Thousands of citizens likely had personal information taken during breach
  • Citizens that made a payment during a nearly two month period likely affected
  • City officials offered free credit monitoring for a full year to victims
Read More

 
City of College Station, Brazos County

Breach Type – Hacking, Data Breach

KBTX

  • Texas city forced to warn citizens about possible cyberattack
  • Popular system Click2Gov had data security issue
  • City worked with federal law enforcement and private investigators
Read More

 
City of San Angelo Online Water Billing System, Tom Green County

Breach Type – Hacking, Data Breach

Go San Angelo

  • City investigated cyberattack after resident billing information likely stolen
  • Officials urged citizens to monitor accounts for fraudulent activity
  • Affected individuals were contacted via email from the city
Read More

 
City of Carrollton; Denton, Dallas, and Collin County

Breach Type – Unknown, Malware

CBS DFW Local

  • Carrollton, Texas and several counties were victims of malware cyberattack
  • Officials stated that city services had been impacted
  • Public safety and 911 emergency response remained unaffected
Read More

 
Travis County Appraisal District, Travis County

Breach Type – Unknown, Ransomware

KUT

  • County district was hit with ransomware cyber attack, officials stated they did not pay the ransom
  • Officials advised that core system had been restored, district worked with state agencies to identify bad actor
  • District officials stated that off-site redundancies helped to mitigate damage
Read More

 
City of Palestine, Anderson County

Breach Type – Phishing, Other

Gov Tech

  • The computer systems was hacked leaving questions concerning the security of the Texas's systems
  • Phishing emails almost cost the city $1,200 in false requests to supervisors purchasing 'Google Play' gift cards
  • Some employees ignored the abnormal requests but some department heads fell victim and paid for said cards
Read More

 
City of Lampasas, Lampasas County

Breach Type – Unknown, Ransomware

KXXV

  • Lampasas city in Texas among 22 Texan cities attacked with ransomware
  • Officials stated the attack affected city operations, no personal information was leaked
  • City was able to mitigate losses with emergency response protocols
Read More

 
Lubbock County Government Systems, Lubbock County

Breach Type – Unknown, Ransomware

Fox 34

  • Ransomware cyber attack affected 22 cities across Texas in coordinated hit
  • County IT department worked quickly to contain the threat
  • IT was able to isolate and contain the ransomware, preventng computer systems from further infection
Read More

 
Grayson County Government Systems, Grayson County

Breach Type – Unknown, Ransomware

Armor

  • Grayson County computer services were offline for less than 24 hours after ransomware attack
  • County officials confirmed systems were fixed and that no other issues had occurred
Read More

 
City of Kaufman, Kaufman County

Breach Type – Unknown, Ransomware

NY Times

  • Kaufman city phone services were disabled in ransomware cyber attack
  • City officials advised that they were unable to discuss details of the attack
Read More
Armor

  • City of Kaufman computer and phone systems were rendered unusable in ransomware attack
  • City's ability to access data and payments was greatly limited
  • Police and fire services remained operational, in addition to City Hall
Read More

 
City of Borger, Hutchinson County

Breach Type – Unknown, Ransomware

News Channel 10

  • The city was one of a reported 20 entities that were targeted in the latest ransomware strings
  • Basic services are still provided in the state the City is in such as Police, Fire, Animal Control, and more
  • Utility payments are unavailable and databases such as "Vital Statistics" remain rendered unusable
Read More

 
City of Keene, Johnson County

Breach Type – Unknown, Ransomware

NPR

  • Due to this attack, the city was unable to process any utility payments on its systems
  • The hackers targeted the software the city used that was also managed by an outsourced company, causing the widespread attack
  • $2.5 million in ransom was requested by hackers to "restore" systems
Read More

 
City of Tyler Website, Smith County

Breach Type – Hacking, Other: Website Defacement

Tyler Paper

  • The website was hacked by another self proclaimed "hacktivist" briefly being taken over and replaced with a defacing image
  • It was determined that only the website was affected and no sensitive information was affected
Read More
KLTV

  • The site is still rendered offline making the public unable to use it to pay things such as tickets and access other public services hosted online
  • This anti-government groups seem to be doing nothing more than defacing websites with their messages and leaving sensitive information alone
  • Luckily the website pages that were affected are not hosted on the same servers as the publics private information
Read More

 
Milam County Government Systems, Milam County

Breach Type - Phishing, Ransomware

Cameron Herald

  • An attack crippled the computer systems throughout the county interrupting many processes that were under way
  • The virus initially was in standby until IT was working on a system transfer triggering the attacks
  • Ransom of $180,000 was requested but it was not paid as the county was able to get systems recovered
Read More

 
City of Edcouch, Hidalgo County

Breach Type - Hacking, Ransomware

The Monitor

  • City computers were infiltrated by hackers and then held for ransom for eight bitcoins equaling $40,000
  • All data that was accessed by hackers was encrypted and phone lines associated were rendered useless over the weekend
  • Directions to download a tor browser and give payment were supplied by the hackers in an effort to get ransom paid
Read More

 
City of Fort Worth, Tarrant County

Breach Type - Phishing, Other

Star Telegram

  • City of Forth Worth victim of e-mail phishing scheme, lost nearly $700,000
  • Hacker utilized scam e-mail that appeared to be from one of the city's vendors
  • E-mail requested city change electronic deposit to a different bank
Read More

 
City of Laredo, Webb County

Breach Type - Ransomware

IMTONLINE

  • City of Laredo attacked by ransomware virus that encrypted City Secretary's Office document system
  • City officials advised that by the next day most of their departments' systems were functional
  • During the attack, all city employees' computers had to be powered off to stop viral spread
Read More

 
City of Del Rio, Val Verde County

Breach Type - Ransomware

News4SA

  • City servers disabled after ransomware attack
  • Employees were unable to log in due to denied access
  • Unclear if personal data was compromised
  • All City Hall transactions completed on paper until further notice
Read More

 
City of Houston Permitting Center, Harris County

Breach Type - Other, Data Breach

ABC 13

  • Two cyber attacks occurred mid year 2017, details newly released
  • Thousands of planning documents and permit applications deleted by hackers
  • No security controls turned on to prevent data breaches, security problems not corrected at the time of the attacks
  • Firewalls were not set up correctly and no server monitoring tools were in place
Read More

 
Grimes County

Breach Type - Phishing, Malware

Navasota Examiner

  • Grimes County requested emergency funds to remediate Emotet Malware from the network
  • Approved emergency funds consist of over $26,000
  • 55 county machines are known to be infected
  • Concern surrounds the data at risk, in particular the sheriff’s department criminal database
  • County training employees how to open SPAM emails
Read More

 
City of Tyler, Smith County

Breach Type - Other/Vulnerability, Data Breach

Tyler Paper

  • Unknown third party hacked payment system used by residents to pay water bills and municipal court fees
  • U.S. Secret Service notified city and cyber incident investigated at a federal level
  • City shut down the service, relaunching with additional security
Read More

 
City of San Angelo, Tom Green County

Breach Type - Other/Vulnerability, Data Breach

San Angelo Live

  • City suspended online utility payments due to data breach
  • City customers’ credit card numbers compromised
  • Third party vendor conducting forensic investigation
Read More

 
Fort Worth, Tarrant Co.

Breach Type - Hack

NBC

  • Chief Technology Officer claimed Fort Worth had one or two breaches
  • Two accounts compromised by hackers
  • Employee login brute-forced
  • Hackers changed direct deposit information
Read More

 
City of Midland, Midland Co.

Breach Type - Other, Data Breach

MRT

  • Vulnerability in Superion's bill pay system leaves Midland City vulnerable to hackers
  • Citizens' financial data potentially breached
  • City advised potentially affected users sign up with fraud protection services
Read More

 
Galveston County

Breach Type - Hack

Click 2 Houston

  • More than $500,000 disappears as result of a hack on Galveston County
  • Hackers rerouted payment money between county and trusted construction vendor
  • Law enforcement leads investigation to find money & hacker
Read More

 
City of Farmersville, City of Anna, City of Sachse, Collin County

Breach Type - Ransomware

Farmersville Times

  • Ransomware virus drastically affected city's ability to take payments and send out utility bills
  • Collin County cities, including Anna & Sachse, also hit with virus
  • City email not operational
Read More

 
Presidio County Appraisal District

Breach Type - Ransomware

Big Bend Now

  • Malicious email attachment opened by district employee
  • Launched rapid ransomware on district main server
  • Isolated the infected files & wiped server
Read More

 
City of Bryan

Breach Type - Phishing

WTAW

  • City of Bryan falls victim to a spear phishing campaign
  • Investigation with city of Bryan Police & the FBI are ongoing
  • No personal information has been compromised
Read More

 
State of Texas Election System

Breach Type - Hack

NBC News

  • Senior intelligence officers believe Texas was one of original states affected by election hacking
  • Websites believed to be affected, not voting systems
  • Texas Secretary claims no voting info/registration info was compromised before 2016 election
Read More

 
City of Corpus Christi

Breach Type - Cryptojack/Other

WCCF Tech

  • Over 4,200 victims hijacked to mine Monero cryptocurrency
  • Secretly hijacked using compromised plug-in called "Browsealoud"
  • Though sites were affected for hours, no user data was affected/compromised
Read More

 
Denton City Hall

Breach Type - Phishing

FraudAlert

  • 62 email accounts affected in attack, only 1 compromised
  • City government doesn't appear to have lost anything
  • Reset all possibly affected accounts
  • Police informed of incident
Read More

 
Harris County

Breach Type - Phishing

Houston Chronicle

  • 3 weeks after Hurricane Harvey, fraudulent contractor asks Harris Co. for $888,000
  • Sent the money over, realized after that this was a phishing scam
  • Quietly scrambled to recover money, working with FBI to track down scammer
Read More

 
City of Waco, McLennan County

Breach Type - Other/Vulnerability, Data Breach

City of Waco

  • Payment information through the City’s online payment system not properly encrypted
  • Payment card information potentially exploited by unauthorized individuals
  • Investigation currently underway
Read More

 
Kerr Central Appraisal District

Breach Type - Hack

My San Antonio

  • An infected email opened by district employee launches virus on Kerr servers
  • Virus unleashed spam emails from district to properties appraised by district
  • Necessary to wipe district servers & reinstall software & data
Read More

 
Midland County

Breach Type - Hack

News West 9

  • Third-party payment system was hacked
  • Data could have been compromised during a security breach
  • Advising customers not to give out payment info over the phone
Read More

 
Texas Department of Agriculture

Breach Type - Ransomware

Square Meals

  • Employee's state issued laptop compromised through malicious ransomware attack
  • Students in 39+ school districts of Texas have potential of compromised data
Read More
Square Meals - Security Notice

  • TDA recommends affected individuals contact major credit bureaus
  • To activate free fraud alert
Read More
SC Magazine

  • Department operates the state's federal nutrition program
  • More than 700 students affected, valuable data (SS numbers, home addresses, birth dates, etc.)
Read More

 
City of Beaumont, Jefferson County

Breach Type - Other, Data Breach

Beaumont Texas

  • Water customers alerted City to unauthorized charges on payment cards used to pay online bills
  • City immediately shut down online water bill payment system
  • Breach occurred throughout early August
Read More

 
City of San Marcos

Breach Type - Phishing

KXAN

  • Spear phishing email puts any person employed by the city starting from 2016 at risk
  • 803 employees' information potentially compromised
  • Employee received and responded to malicious email, attaching the 2016 W2 information
  • At least a dozen employees reported their taxes are being filed – by someone else
  • The city has notified the IRS, taxing authorities, and local police
Read More

 
Tarrant County

Breach Type - Ransomware

Star-Telegram

  • Malware infected computer, was not initially obvious
  • Isolated employee’s data from the rest of the computer network
  • Restored files without having to pay ransom
Read More

 
Alto City Office

Breach Type - Ransomware

Jacksonville Progress

  • Ransomware carried in seemingly benign email invoice
  • Employee opened email attachment
  • Ransom of $500 for first computer proposed
Read More

 
BACK TO TOP

Medical

St. Luke’s Health Suffers Third-Party Data Breach, Unrelated to CommonSpirit Attack, Harris County

Breach Type – Unknown, Data Breach

Health IT Security

  • ”Texas-based St. Luke’s Health notified nearly 17,000 individuals of a third-party vendor data breach that originated at Adelanto Healthcare Ventures, a consulting services vendor."
  • "Texas-based St. Luke’s Health notified 16,906 individuals of a third-party data breach that impacted Adelanto Healthcare Ventures (AHCV), a consulting services vendor. The breach is unrelated to the October ransomware attack at St. Luke’s Health’s parent company, CommonSpirit Health, which impacted multiple facilities, including St. Luke’s. In a recent notice to patients, St Luke’s Health explained that AHCV discovered that two of its employee email accounts were compromised by a third party on November 5, 2021.” “An initial investigation by AHCV indicated that no protected health information had been exposed,” the notice explained.
  • ”However, after further review, AHCV determined that the compromised email accounts contained St. Luke’s Health protected health information and notified St. Luke’s Health of its new findings on September 1, 2022.” The data involved in the incident included names, dates of birth, addresses, Social Security numbers, dates of service, Medicaid numbers, medical record numbers, and limited clinical information. AHCV has since implemented additional security controls and has found no indication that data was misused as a result of the incident.”
Read More

 
Data Security Incident Exposes PHI For Over 1K Zomo Health Members, Harris County

Breach Type – Unknown, Data Breach

Health IT Security

  • ”October 07, 2022 - Healthcare software company Zomo Health disclosed a data security incident to HHS that involved the protected health information (PHI) of 1,359 individuals accidentally being exposed. According to a notice on its website, Zomo Health became aware of a spreadsheet containing plan member information that was inadvertently made accessible through its website on August 5, 2022. The investigation concluded that the spreadsheet was accessible on the internet between January 15, 2022, and August 5, 2022. "
  • "The impacted information potentially included names, dates of birth, Social Security numbers, health plan information, work addresses, phone numbers, email addresses, and information regarding participation in health plan incentives. “The file was made accessible through human error and was not due to intentional or malicious action,” the notice stated. After discovering the error, Zomo Health stated it immediately took the file off the website and secured its contents."
  • ”As a result of this incident, we have remediated the process vulnerability that led to the error and engaged an external security company to enhance the security of our technology systems on an ongoing basis,” Zomo Health said. The investigators have not found evidence that any information has been accessed or stolen, but out of an absence of caution, Zomo Health is mailing letters to impacted individuals.”
Read More

 
OakBend Medical Center hit by ransomware; Daixin Team claims responsibility, Fort Bend County

Breach Type – Unknown, Ransomware

Data Breaches

  • ”While many were looking forward to the Labor Day holiday weekend, the IT department at OakBend Medical Center learned they had been hit with a ransomware attack. The center is still trying to recover."
  • "Bend County Government Cyberteam to investigate. When experts from Dell, Microsoft, Malware Protects, and their IT staff cleared them to start rebuilding their system, they started rebuilding it."
  • "As of September 9, OakBend reported they were still in the process of rebuilding and that phones and email were still impacted. Alternative phone numbers were posted prominently to assist patients in reaching them."
Read More

 
Methodist Hospital McKinney Cyber Attack: Personal Data Hacked, Collin County

Breach Type – Hacking, Ransomware

Community 99

  • "Methodist McKinney Hospital and two of the company’s surgical centers had hacked their computer systems earlier this summer, exposing patients’ Social Security numbers, medical histories and more."
  • "The hacking took place on July 5, when hospital staff were “notified of unusual activity on certain systems.”
  • "The hospital confirmed that an “unauthorized actor” had access to computer systems containing data for Methodist McKinney Hospital, Methodist Allen Surgical Center and Methodist Craig Ranch Surgical Center."
  • "The hospital’s investigation found that the following information was stored in the hacked systems: names, addresses, social security numbers, dates of birth, medical history, medical diagnoses, treatment information, medical record numbers and health insurance information."
Read More

 
BHG Behavioral Health Group Recently notified patients of a December 2021 Breach, Dallas County

Breach Type – Unknown, Data Breach

Data Breaches

  • "Protected health information in those files and folders included the individuals’ full name, Social Security number, driver’s license or state identification number, financial account information, payment card information, passport, biometrics, health insurance information..."
  • "The incident does not currently appear on any dark web leak site related to ransomware groups or markets, or forums where stolen data is offered for sale, free download, or trade, but of course, that does not mean that data has not or will not be misused in the future."
  • "BHG has no evidence to suggest that any information has been misused. However, out of an abundance of caution, on July 27, 2022, BHG provided notification to individuals whose information may have contained in the impacted files and folders."
Read More

 
Texas Health System data Breach Compromises Info of 15,000 Patients, Nueces County

Breach Type – Hacking, Data Breach

Becker Hospital Review

  • “Christus Spohn Health System notified patients of a May data breach that compromised the protected health information of 15,000 patients"
  • “On May 4, the health system's IT security learned that an unauthorized user had accessed its system, which contained protected health information, including patients' full names, Social Security numbers, dates of birth, home addresses, billing and insurance information."
  • "The data breach did not affect health system operations, and there is no evidence to indicate that the compromised information has been misused."
Read More

 
Baptist Health System Announces Data Breach Affecting Patients of Two San Antonio-Area Hospitals , Bexar County

Breach Type –Hacking, Data Breach

JDSpura.com

  • "Baptist Health System confirmed that the company experienced a data breach stemming from an incident in which an unauthorized party gained access to the company’s computer network after installing a line of malicious code on the System’s website."
  • "According to the Baptist Medical Center, the breach resulted in the full names, dates of birth, addresses, Social Security numbers, health insurance information, medical information and billing information of affected patients being compromised."
  • "On June 16, 2022, Baptist Medical Center filed official notice of the breach and sent out data breach letters to all affected parties. The Baptist Health breach affected more than 1.2 million patients in Texas alone."
Read More

 
Texas Tech University Health Science Center patients notified of third-party data security, Potter County

Breach Type – Unknown, Data Breach

KFDA News Channel 10

  • “The Texas Tech University Health Science Center has notified patients of a potential breach of information held by Eye Care Leaders, Inc."
  • "On April 19, ECL provided TTUHSC final results of the investigation into the security incident, confirming some of the databases and files contained patient records."
  • "The ECL’s information contained name, address, phone numbers, driver’s license number, email, date of birth, medical record number, health insurance information, social security number."
Read More

 
80k Affected by Memorial Village ER Hacking Incident, Harris County

Breach Type – Hacking, Data Breach

Health IT Secuity

  • “On March 9, Memorial Village ER in Texas began sending breach notification letters to 80,000 individuals following a February 18 hacking incident.”
  • “The incident potentially exposed names, birth dates, addresses, and COVID-19 testing results. Memorial Village ER said that the data was contained on a HIPAA-compliant secure server. However, an “unknown entity” accessed and hacked the server.”
  • “Memorial Village ER is offering impacted individuals 12 months of identity theft monitoring.”
Read More

 
Data Breach Alert: JDC Healthcare Management LLC, Dallas County

Breach Type – Unknown, Malware

JDSupra

  • "Recently, JDC Healthcare Management, LLC, also known as Jefferson Dental & Orthodontics, confirmed that the company experienced a data security event resulting in certain consumer information being compromised."
  • "On August 9, 2021, JDC Healthcare Management learned that someone installed a malware program on its computer systems."
  • "The company confirmed that certain documents on its servers were “copied from or viewed” between the dates of July 27, 2021 and August 16, 2021."
  • "The compromised information varies by consumer, it may include affected parties’ Social Security numbers, passport numbers, driver’s license numbers, state identification numbers, dates of birth, clinical information, health insurance information and financial information."
Read More

 
Information for over 6,000 Memorial Hermann patients accessed in security breach, Harris County

Breach Type – Hacking, Data Breach

KHOU 11 News

  • "Memorial Hermann is looking into the security breach. Hackers could access social security numbers, financial information and more."
  • "An unauthorized third party accessed multiple files including the following types of PHI: first names, last names, dates of birth, social security numbers, driver’s licenses numbers, financial information, health insurance information and treatment information."
  • "there is no sign of anyone's information being used as a result of this cyberattack."
  • "Advent Health Partners have been investigating the security issue after finding suspicious activity on employee email accounts with data from Memorial Hermann."
Read More

 
Malware attack on Texas hospital exposed employees' wages, patients' health data, Throckmorton County

Breach Type – Unknown, Malware

Becker Hospital Review

  • "Throckmorton (Texas) County Memorial Hospital is notifying 3,136 patients and employees of a data breach after a cyberattack forced it to shut down its IT systems."
  • "The hospital engaged law enforcement and experts to determine the scope of the breach, remove the malware and restore its security systems. The investigation determined the cyberattack began on or around Aug. 25."
  • ”Patient data that may have been exposed includes names, addresses, birth dates and medical-related information. Meanwhile, employees' payroll information, wage history, tax information and Social Security numbers were affected,"
  • "The hospital's operations have been restored"
Read More

 
Hacker breaches Texas hospital's IT systems, exposing 48,000 patients' info, Lavaca County

Breach Type – Hacking, Data Breach

Becker Hospital Review

  • ”Texas Lavaca Medical Center in Hallettsville is notifying 48,705 patients that their protected health data might have been exposed in a cyberattack:"
  • “On Aug. 22, the hospital discovered unusual activity within its computer network, according to a news release. The hospital retained a computer forensics firm to secure the network and launch an investigation to determine the scope of the breach."
  • "The investigation found that a hacker gained access to the hospital's network between August 17-22. The investigation was unable to discover if the hacker accessed patients' data on the system. "
  • ”The hospital said there is no reason to suspect that patients' information has been stolen or misused from the cyber incident."
Read More

 
162,000 patients exposed in ransomware attack on Texas medical group, Kent County

Breach Type – Unknown, Ransomware

Becker Hospital Review

  • "Houston-based Gastroenterology Consultants began notifying patients their data may have been exposed in a ransomware attack on the medical group."
  • "The Jan. 10 ransomware attack potentially exposed 162,163 patients and employees"
  • "The Texas medical group said it resolved the cyber issues and remediated and restored its systems, After undergoing an extensive data-mining process to determine specifically which patients or employees have information exposed, the medical group felt it was more cost-effective to notify all patients and employees instead."
  • "Its EHR was not affected in the breach; however, some protected health information was exposed. Sensitive health information, such as Social Security numbers, was stored in PDFs or Excel files prepared by employees to facilitate patient processing. Fewer than 50 patients' Social Security numbers have been exposed"
Read More

 
American College of Emergency Physicians, Dallas County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • Data was compromised between April 8th and September 21st, 2020
  • Compromised data includes member profile details, which may have financial account information and SSNs
  • ACEP replaced the affected server, changed passwords, and employed additional cyber security measures
Read More

 
ProPath, Dallas County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • Over 39,000 patients were notified of breach in ProPath email accounts
  • Potentially exposed information included Social Security numbers, financial account information, birthdates and more
  • There has been no evidence the information has been misused
Read More

 
Nocona General Hospital, Montague County

Breach Type – Unknown, Ransomware

Data Breaches

  • On February 3rd threat actors added the General Hospital to their leak sight along with 20 files as proof
  • The Hospital believes that the threat actors had been able to access their EMR system on an older out of date server
  • There has been no ransomware request and the Hospital states that there may have been one but they did not read it
Read More

 
Precision Spine Care, Smith County

Breach Type – Hacking, Data Breach

Becker's Hospital Review

  • A hacker was able to gain access to an employee email and attempted payment fraud
  • The attempt was unsuccessful and the account was disabled
  • Over 20,000 patients' information was accessible from the employee account
Read More

 
Central Health, Travis County

Breach Type – Hacking, Data Breach

Patch

  • Healthcare provider was victim of cyberattack
  • IT and law enforcement conducted investigation
  • Officials remained uncertain as to the extent of damage
Read More

 
Hendrick Health Systems, Taylor County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • Healthcare provider forced to shutdown following a data breach
  • Inpatient and emergency services remained intact
  • Third party IT professionals and law enforcement were contacted for assistance
Read More
Abilene Reporter News

  • Healthcare provider's systems reactivated
  • Systems had been offline following cyberattack
  • Officials advised that they would remain diligent for further issues
Read More

 
Hendrick Health Systems, Taylor County

Breach Type – Unknown, Data Breach

Becker's Hospital Review

  • Healthcare provider with 3 hospitals took network offline
  • Officials reassured the public that inpatient and emergency services remained intact
  • Third party IT firms and law enforcement were contacted to assist with investigation
Read More

 
UT Health San Antonio, Bexar County

Breach Type – Unknown, Data Breach

News 4 San Antonio

  • The blackbaud breach had no sensitive information exposed
  • Many different systems were exposed in the Blackbaud breach
  • Exposure is forcing medical systems to notify patients and donors about breach
Read More

 
Texas Children's Hospital, Harris County

Breach Type – Unknown, Data Breach

ABC 13

  • Following Blackbaud data breach, healthcare provider warned patient information exposed
  • Patient names, dates of birth, and other medical information were leaked
  • Officials reassured their patients that they were taking all necessary precautions
Read More

 
United Memorial Medical Center, Harris County

Breach Type – Unknown, Ransomware

Data Breaches

  • Medical center was victim of ransomware cyberattack
  • Bad actors released select patient files as proof of attack
  • Media outlets attempted to contact healthcare center, no response was given
Read More

 
Benefit Recovery Specialists, Harris County

Breach Type - Hacking, Malware

Health IT Security

  • Over 270,000 patients were notified of potential exposure of sensitive information
  • This makes the attack the fourth largest data breach on healthcare data
  • Exposed data may include names, dates of birth, policy identification numbers, provider names, diagnosis codes, dates of service and or procedure codes
Read More

 
Legacy Community Health Service, Harris County

Breach Type – Phishing, Data Breach

Becker's Hospital Review

  • Legacy health services faces a phishing scheme as an employee falls victim to email scam
  • The employee thought the email was from a legitimate source and provided login credentials to bad actor
  • 19,000 individuals had their private information exposed in this breach causing the Legacy Health Service to reach out to those possibly affected
Read More

 
CHI St. Luke's Health-Memorial Lufkin, Angelina County

Breach Type – Phishing, Data Breach

Data Breaches

  • CHI had publicly released that they were affected by bad actors infiltrating their servers and gaining access to patient information
  • The information was contained within two employee emails that is unknown if it was used inappropriately
  • CHI has launched an internal investigation following the attack with forensic experts
Read More

 
AffordaCare Urgent Care Clinic, Taylor County

Breach Type – Unknown, Ransomware

Data Breaches

  • Bad actor known as "thedarkoverlord" utilized ransomware
  • Healthcare center didn't cooperate with bad actor
  • Provider had yet to publicly disclose breach of 14,000 patients' information
Read More

 
United Regional Health Care System, Wichita County

Breach Type - Phishing, Data Breach

News Channel Six

  • Healthcare center was victim of cyberattack
  • Center utilized third party IT firm to assist
  • Officials believed information remained safe
Read More

 
Fondren Orthopedic Group, Harris County

Breach Type - Unknown, Malware

Beckers Hospital Review

  • Over 30,000 patients likely had information stolen
  • Names, addresses, health insurance information leaked
  • Officials stated they would take steps to enhance security
Read More

 
MHMR of Tarrant County, Tarrant County

Breach Type – Phishing, Data Breach

Becker’s Hospital Review

  • Over 6,500 patients had information stolen during cyberattack
  • Healthcare facility forced to send out notifications to affected patients
  • Names, Social Security numbers, among information stolen
Read More

 
Children's Choice Pediatrics, Collin County

Breach Type – Unknown, Ransomware

Becker’s Hospital Review

  • Ransomware used in cyberattack hit against pediatric center
  • Officials confirmed that healthcare facility's data was encrypted
  • Some data was unable to be retrieved by IT personnel
Read More

 
The Center for Health Care Services, Bexar County

Breach Type – Unknown, Ransomware

Cyber Port

  • Health care provider hit with ransomware cyberattack
  • Officials disabled computer network to mitigate damage
  • IT discovered only a single computer server had been hit
Read More

 
Berry Family Services, Rockwall County

Breach Type – Hacking, Ransomware

Beckers Hospital Review

  • Health services provider attacked with ransomware, locked network from access
  • Attack encrypted over 1,700 patients' information
  • Data exposed likely included names, addresses, dates of birth, Social Security numbers, and other health related information
Read More

 
Wise Health, Wise County

Breach Type - Phishing, Other

Data Breaches

  • It has been noted that this attack has impacted over 35,000 patients
  • Employees had fallen victim to a phishing attack on their systems giving login credentials to the hackers
  • Hackers were able to use the information to attempt attacks on payroll systems to try to divert funds
Read More

 
EmCare, Dallas County

Breach Type - Phishing, Data Breach

PR News Wire

  • Hackers were able to gain access to several employee emails
  • EmCare victim of cyber attack that gained access to employees' email accounts
  • Personal information, including patient and contractor information, was likely accessed
  • EmCare unable to determine if information was misused by unauthorized party
Read More

 
Weslaco Regional Rehabilitation Hospital, Hidalgo County

Breach Type - Phishing, Data Breach

Valley Morning Star

  • The hospital had noticed that several employee email accounts were compromised
  • Sensitive patient information had been exposed such as social security, date of birth, patient info, and more
  • Patients are being contacted following the exposure with notifications of exposure and who to contact
Read More

 
Baylor Scott & White Medical Center, Collin County

Breach Type - Hacking, Data Breach

Becker's Hospital Review

  • Vendor for Baylor Scott & White Medical Center suffered cyber attack
  • Cyber attack may have compromised 47,000 patients or guarantors
  • Credit card information compromised in attack
  • Hospital’s information and clinical systems remain unaffected
Read More

 
Altus Baytown Hospital, Harris County

Breach Type - Hacking, Ransomware

Data Breaches

  • Unauthorized party gained access to computer systems at Altus Baytown Hospital
  • Malware encrypted ABH’s records making them inaccessible, to extort money from ABH
  • The ransomware variant, known as Dharma, encrypted backup files
  • Files were successfully decrypted & all files could be restored
Read More

 
NorthStar Anesthesia, Dallas Co.

Breach Type - Phishing, Data Breach

Data Breaches

  • Phishing scheme targeted NorthStar employee credentials
  • Hackers gained access to sensitive patient data
  • Offered Identity Protection & Restoration services for up to two years
Read More

 
Hunt Regional Medical Center, Hunt Co.

Breach Type - Phishing, Other

DataBreaches

  • Hunt Regional employee email compromised by hackers
  • Patient PHI potentially exposed in data breach
  • Hunt offering free identity protection services to those affected
Read More

 
UMC Physicians (UMCP), Lubbock Co.

Breach Type - Hack/Data Breach

KCBD

  • UMC Physicians' employee email account hacked
  • Hackers gain access to private information of 18,000 patient
  • UMCP offering identity protection services to those potentially affected
Read More

 
Texas Health Resources

Breach Type - Hack

Data Breaches

  • Hackers infiltrate employee email accounts
  • Texas health notified patients, from 2017, on potentially compromised data
  • Offered free credit monitoring as precaution
Read More

 
Nuance Dragon, San Antonio Area Hospitals, Bexar Co.

Breach Type - Ransomware

Texas Public Radio

  • Ransomware variant known as WannaCry disabled dictation service from Nuance Dragon
  • Methodist Healthcare facilities, Baptist Health System, & CHRISTUS health all affected in attack
  • Attack created additional work for staff, leaving little time for daily patient care
Read More

 
Hill Country Memorial Hospital

Breach Type - Phishing

Becker's Hospital Review

  • Hackers gained access to employee email through phishing scheme
  • The attack aimed to infiltrate Hill Country's payment department
  • No evidence has surfaced that any sensitive data was compromised
  • As precaution, Hill Country offering one year of free credit monitoring
Read More

 
ABCD Pediatrics

Breach Type - Ransomware

Bank Info Security

  • Though files were encrypted, no ransom was demanded
  • Systems infected with variant of CriSiS ransomware known as "Dharma"
  • Anti-virus software significantly slowed malware & servers were taken offline
  • Massive data breach followed attack as hacker potentially viewed 55,447 sensitive files
  • Incident reported to the FBI and the Department of Health and Human Services
Read More

 
Seguin Dermatologist's Office

Breach Type - Ransomware

Express News

  • Dermatologist stated his office computer was attacked with ransomware
  • Hackers potentially accessed all sensitive information on Seguin servers
  • Seguin offered free identity protection services to its patients
Read More

 
Rainbow Children's Clinic

Breach Type - Ransomware

Data Breaches

  • Computers taken offline during ransomware infection
  • Rainbow Children's Clinic hires third-party investigator to analyze data at risk
  • All patients' data potentially breached
  • Rainbow notified all patients, offered free credit monitoring & identity theft protection services
  • Notified HHS of incident affecting 33,368 patients
Read More

 
Titus Regional Medical Center

Breach Type - Ransomware

Becker's Hospital Review

  • Hackers encrypted Titus Regional database servers
  • Employees could not access EMR and interdepartmental orders
  • Titus holds no reason to believe data has been breached
  • Reverted to paper documentation while restoring servers
Read More

 
BACK TO TOP

Education

TX: Tuloso-Midway Independent School District discloses March 2022 data security incident, Nueces County

Breach Type – Unknown, Data Breach

DataBreaches.net

  • ”Tuloso Midway Independent School District in Nueces County, Texas, has slightly under 3,900 students. A notice posted on their website yesterday explained that on March 16, 2022, one employee’s email account was accessed without authorization. The statement does not reveal when the district first discovered the incident or how it was discovered.”
  • "On October 25, investigators confirmed that the account contained some personal information. The notice did not reveal how many individuals may have had their personal information exposed. The district stated they could not confirm the use or disclosure of any data, only that it was potentially exposed. The potentially exposed data included individuals’ names and driver’s license numbers. No mention was made of any student data being potentially exposed.”
  • ”A report the district filed with the state attorney general’s office today creates a somewhat different impression of the incident. According to the state’s public breach listing, the Tuloso Midway ISD incident potentially affected 2,311 Texas residents and involved the following types of data elements: Name of individual; Social Security Number Information; Driver’s License number; Government-issued ID number (e.g. passport, state ID card); Financial Information (e.g. account number, credit or debit card number); Medical Information; Health Insurance Information; Other”
Read More

 
Mansfield ISD Hit with Ransomware attack, district says, Tarrant County

Breach Type – Hacking, Ransomware

WFAA-TV ABC

  • "The Mansfield Independent School District has been hit with a ransomware attack that's affected many of the district's systems, officials said Monday night."
  • "The attack caused an outage of systems that used internet, such as the website, email and phone systems, according to the district."
  • "Officials added that the attack affected the district's visitor and volunteer management systems, which means that the district has to suspend campus visitors for the time being."
Read More

 
Dallas Independent School District reveals breach, but details are still missing, Dallas County

Breach Type –Unknown, Data Breach

DataBreaches.net

  • "The Dallas Independent School District recently received notice of a data security incident involving the district’s electronic records that may affect former and current students, alumni, parents, and district employees."
  • "At this time, it appears the affected information has been contained and that none of it has been shared or sold."
  • "The incident reportedly potentially affects anyone who was a student, contractor, or employee between 2010 and the present. The data types involved were described as:or some current and former employees/contractors: first and last name, address, phone number, social security number, date of birth, dates of employment, salary information, and reason for ending employment. For some current and former students: first and last name, social security number, date of birth, parent/guardian contact information, and grades. For a subset of students, custody status and/or medical condition was also exposed."
  • "This incident has not appeared on any of the leak sites maintained by dozens of threat actors, forums, or markets…"
Read More

 
Over 26,000 Impacted by Ransomware at Texas School District

Breach Type – Unknown, Ransomware

Government Technology

  • Judson Independent School District's computer and communication systems remained paralyzed Thursday as staffers scramble to understand the extent of a ransomware attack detected a week earlier.
  • District officials weren't disclosing what information the cyberattack compromised but acknowledged that Judson computers, telephones and e-mail services were still down.
  • Judson is working with local, state and federal authorities.
Read More

 
Somerset ISD, Bexar County

Breach Type – Unknown, Ransomware

Data Breaches

  • The school district was reportedly attacked by Avaddon threat actors
  • There have been no public statements released about the attack regarding the information posted online
  • Bad Actors dumped an archive with 1,520 files in 27 folders uncompressed the data equaled about 3 GB of data
Read More

 
Socorro Independent School District, El Paso County

Breach Type – Unknown, Malware

KVIA

  • The Socorro School District was victim of cyber attack
  • In a public release a spokesman stated that the IT department was prompted to take down network as a precaution
  • There is no sign that data was compromised however a data breach remains an ongoing concern
Read More

 
Weslaco Independent School District, Hidalgo County

Breach Type – Hacking, Ransomware

Valley Central

  • School district was victim of ransomware cyberattack
  • Federal law enforcement assisted investigation
  • Classes were disrupted, officials remained unsure of extent of damage
Read More

 
Skidmore-Tynan Independent School District, Bee County

Breach Type – Unknown, Malware

Kristv

  • Administrators report that they have reached out to the FBI in response to cyber attack
  • All windows devices have to be investigated following attack
  • Cybersecurity has been aiding process and has taken preventative measures
Read More

 
Athens Independent School District, Henderson County

Breach Type – Unknown, Ransomware

WFAA

  • Following ransomware cyberattack, school district was forced to delay school start
  • School board voted to pay $50,000 ransom to bad actors
  • Officials believed personal information remained intact
Read More

 
Sheldon Independent School District, Harris County

Breach Type - Unknown, Ransomware

Data Breaches

  • The district was attacked by Pysa ransomware, a variant of Mespinoza ransomware
  • Ransom demanded was over $350,000 and was not fully covered under cyber insurance policy
  • Information exposed generally consisted of demographic statistics and did not contain social security information
Read More

 
San Felipe Del Rio CISD, Val Verde County

Breach Type - Phishing, Other

Data Breaches

  • Bad actors used phishing scheme in cyberattack
  • Funds were mistakenly transferred to fraudulent account
  • Law enforcement assisted with investigation
Read More

 
Fort Worth ISD, Tarrant County

Breach Type - Unknown, Malware

CBS Local

  • School district hit in malware cyberattack
  • Officials believed IT personnel protected private information
  • Federal and local law enforcement were notified of the attack
Read More

 
Manor Independent School District, Travis County

Breach Type – Phishing, Other: Funds Stolen

NY Daily News

  • Phishing cyberattack used to steal over $2 million
  • Federal and local law enforcement sought public's help
  • School system consisted of over 9,600 students
Read More

 
Port Neches-Groves Independent School District, Jefferson County

Breach Type – Unknown, Ransomware

The Port Neches News

  • School district network taken out in ransomware cyberattack
  • Officials stated that all files had been encrypted and held for ransom
  • No personal information was affected in the attack
Read More

 
Sul Ross University Rio Grande College, Uvalde County

Breach Type - Unknown, Ransomware

In4Mate

  • According to released information the college was hit with an attack on June 24th
  • No private information was compromised following the attack, the situation was still being assessed
  • All systems and services were rendered inoperable until further notice meaning no online networking
Read More

 
San Benito Consolidated Independent School District, Cameron County

Breach Type - Phishing, Other

Valley Morning Star

  • Several departments prevented fraudulent transfers after irregularities were noticed
  • A school employee was directed to a fraudulent website that acted as the official banking website
  • To prevent this in the future employees will be trained and several protocols will be put in place
Read More

 
Crosby Independent School District, Harris County

Breach Type - Ransomware

CHRON

  • Parents and staff were notified of ransomware within district’s IT systems
  • Schools were left with no access to technology until attack was resolved
  • Visitors were no longer allowed into schools due to downed screening procedures
Read More

 
Henderson Independent School District, Rusk County

Breach Type - Phishing, Other

Tyler Paper

  • Cyber criminals steal over $600,000 from Henderson ISD
  • The district fell victim to a sophisticated phishing scam
  • Funds mistakenly transferred to a fraudulent account
Read More

 
Dallas County Community College, Dallas County

Breach Type - Phishing, Data Breach

NH Office of Attorney General

  • Hackers accessed employee email account
  • Investigation launched & account secured
  • Private information of Dallas County Community members potentially exposed
Read More

 
Victoria Independent School District

Breach Type - Hack

DataBreaches

  • Victoria Independent School District employee email accounts hacked
  • Email accounts stored private employee data
  • District resetting email account credentials & implementing two factor authentication as precaution
Read More

 
Ben Bolt Independent School District

Breach Type - Phishing

KIII TV

  • Ben Bolt Independent School District targeted in spear-phishing scheme
  • Hackers posed as district superintendent
  • Employee emailed W-2 information to hacker
  • District immediately notified potentially affected individuals
  • Sheriff's department offered further assistence to district employees
Read More

 
Rockdale Independent School District

Breach Type - Phishing

KVUE

  • Rockdale Independent School District falls victim to phishing scheme
  • Several employees' taxes falsely filed by hackers
  • Employee forwarded valuable tax information to false superintendent
Read More

 
Tyler Independent School District

Breach Type - Phishing

KLTV

  • Employee fell victim to phishing scam involving employee W-2 information
  • District sent letters to its employees, notifying them of the breach
  • School providing free credit monitoring and restoration services
Read More

 
Abernathy Independent School District

Breach Type - Phishing

Everything Lubbock

  • Abernathy Independent School District falls victim to spear-phishing scheme
  • Employee responded to phishing email, sent W-2 information of district employees to hackers
  • District immediately reported to the IRS, FBI, and State Taxing Authorities
Read More

 
Mercedes Independent School District

Breach Type - Phishing

The Monitor

  • W-2 information of employees sent in phishing scam
  • District instructed potentially affected to take steps in safeguarding data
  • 950 employees affected in scheme
Read More

 
Belton Independent School District

Breach Type - Phishing

kcenTV

  • Belton Independent School District fell victim to spear-phishing scheme
  • Employee W-2 information exposed, sent to hackers
  • District offered free credit monitoring through Experian
  • Over 1,700 potentially affected District employees
Read More

 
Argyle Independent School District

Breach Type - Phishing

NBCDFW

  • Argyle Independent School Distract fell victim to spear-phishing scheme
  • Hacker posed as district Superintendent
  • 2016 W-2 forms sent by employee
  • The district deeply regrets incident & will notify potentially affected individuals
Read More

 
Northeast Independent School District

Breach Type - Ransomware

Data Breaches

  • Northeast Independent School district fell victim to ransomware attack
  • District did not pay ransom
  • No sensitive information compromised during attack
  • Three separate ransomware attacks took place in span of 3 months
  • Little data lost – thanks to backups
Read More

 
Corsicana Independent School District

Breach Type - Phishing

Corsicana Daily Sun

  • Corsicana Independent School District fell victim to spear-phishing scheme
  • Employee sent all 2016 W-2 forms to hacker
  • IRS & state taxing agencies notified TX school district of phishing scam
  • Corsicana notified local authorities and FBI
Read More

 

BACK TO TOP