Dallas Data Held Hostage by Ransomware Attackers

Dallas is still trying to recuperate all of its services following a ransomware attack that hit the city around three weeks ago. Official reports suggest that no city residents’ or employees’ personal data has been leaked, however, that might change soon since an alleged message was received from the hackers themselves. A screenshot of the message was first posted on Twitter by CBS Journalist J.D. Miles on Friday. The message was originally posted on the cyber terrorist group Royal’s website, and screenshots of it have been making rounds on social media. The message stated, “So, we are going to indicate that the data will be leaked soon. We will share here in our blog tons of personal information of employees (phones, addresses, credit cards, [Social Security Numbers], passports), detailed court cases, prisons, medical information, clients’ information and thousands of thousands of governmental documents.”

The FBI and The U.S. Cybersecurity and Infrastructure Security Agency (CISA) created a report on the ransomware group in March, where they claimed that the Royal group is responsible for various attacks on critical infrastructure, including manufacturing, communications, and healthcare. It was reported that the group’s attacks rely on attempting to fool unsuspecting victims into opening phishing emails. The group then seeks a ransom that ranges from $1 million to $11 million, stressing their demands to be paid in Bitcoin.

While the message circulated on social media, some social media users perceived the message as a positive affirmation that Royal was behind the attack. In response to the message, The Dallas County District Attorney’s Office released a statement the day before the hackers’ message was posted.

The statement outlined that the DA’s office is collaborating with the city and Dallas Police Department to guarantee that criminal cases filed and processed adhere to all legal requirements. The statement claimed that the DA’s team had established alternative communication channels that would help them to facilitate seamless coordination and information sharing. Claire Crouch, a spokesperson for the DA’s office, added: “We anticipate that the longer this goes on, the greater chance for obligations on the DA’s part will be affected.”

Dallas law firm Scott H. Palmer PC’s Scott Palmer stated that he was not aware of any of his cases being affected by the attack. However, The Dallas Morning News stated that the Dallas Police Department is facing challenges accessing some of its physical and digital evidence as a result of the ransomware attack. This has begun to disrupt some of the ongoing trials.

The latest estimate suggests that it could take weeks, if not months, for the city’s services to be fully restored. The city of Dallas released a statement about the message, stating that city officials were aware and monitoring the situation. They added that they could affirmatively state that there was no evidence or indication pointing towards data compromise. Additionally, the city claimed that protective measures to secure data were being put into place.