CBS News/Texas reported an investigation found the personal information of less than 300 property owners was put at risk by a ransomware attack last month, according to board members at the Tarrant Appraisal District (TAD.
Discussions are ongoing with the Medusa ransomware group involved, according to board chair Vince Puente, as is a criminal investigation. Phone lines at the district are now operational, and while key functions of the website are still not available, Puente said the board was optimistic the district would be resuming normal operations “shortly.”
TAD’s update came at the end of three straight days of board members meeting privately about the attack. TAD said at the time the ransomware group sent a letter demanding $700,000 to prevent the release of sensitive information.
According to the news station, the agency is reaching out directly to the people impacted. Subsequently, TAD posted additional information on its website for the general public on how to protect personal information and watch for signs of fraud.
TAD does not expect the incident to cause any delays in sending out annual value notifications for properties, which usually go out in mid-April, or the start of valuation protests.
Last year the deadline to protest was extended for Tarrant County owners, because of problems with the TAD website. Later in the year, the district revealed at least two pieces of malware had been installed onto its system. In December, the district said there was no evidence any property owner information had been compromised.
“It appeared to be a new intrusion but was the result of the ‘history of where we've been’,” Puente said when asked if the current attack was directly connected to the previous incident.
TAD’s new chief appraiser Joe Don Bobbitt told CBS News image files at the district were not impacted, and TAD was in the process of restoring systems on employee laptops. He was optimistic operations would return to normal within the next few weeks.
Additionally, new board member Alan Blaylock, who has a background working in software and tech, said it was clear significant investments would be needed to ensure the safety of data.
The board committed last month to spend about $200,000 initially for immediate software upgrades and IT support consultants.