Dallas Employees’ Data Accessed in Ransomware Attack, City Manager Confirms
City employees of Dallas have had their data accessed during a ransomware attack, according to City Manager T.C. Broadnax. In an email sent to employees on Tuesday, Broadnax revealed that the hacker group known as Royal accessed data stored by the city’s human resources department. While the specific data that was accessed has not been disclosed, Broadnax assured employees that the appropriate notifications will be made.
The attack occurred on May 3, but the city has yet to issue a public notification regarding the data breach. Broadnax mentioned that the investigation is ongoing and that some benefits-related information managed by the human resources department was accessed. No details were provided on how many departments were affected, how many employees’ personal data could be compromised, or whether any resident information was also accessed.
City officials have identified Royal as the suspected hackers since the cyberattack. In a blog post on May 19, the group threatened to publicly release personal information of employees, including phone numbers, addresses, credit card details, social security numbers, and passports, along with court cases, prisoners’ information, medical data, clients’ data, and thousands of governmental documents. However, there is no evidence to suggest that any information has been publicly released thus far.
Broadnax’s email informed employees that they would receive notices in the mail about signing up for free credit monitoring offered by the city. He also advised residents to visit the Federal Trade Commission’s website to learn how to protect their data and use the city’s internal site for any questions.
While 97% of the city’s network has been restored after the ransomware attack, some services are still impacted. Public computers are unavailable at certain city libraries, and the city has not provided a comprehensive overview of all the affected services and the full extent of the city’s cyberattack. The delays caused by the attack have resulted in a backlog of permit application requests for various construction projects. Dallas officials cite an ongoing criminal investigation as the reason for not disclosing specific details about the cyber incident.
As the investigation continues, the city remains committed to notifying affected individuals and providing support to employees. The focus is on resolving the remaining issues caused by the attack and ensuring the security of the city’s systems moving forward.