DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Texas DIR issues update on coordinated ransomware attack on multiple government agencies

Posted on August 20, 2019 by Dissent

The Texas Department of Information Resources (DIR) is leading the response to a ransomware attack against entities across Texas. Below is an update as of August 20, 2019, at approximately 3:00 p.m. central time.

  • The number of confirmed impacted entities has been reduced to twenty-two.
  • As of the time of this release, responders have engaged with all twenty-two entities to assess the impact to their systems and bring them back online.
  • More than twenty-five percent of the impacted entities have transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual.
  • The State of Texas systems and networks have not been impacted.
  • Evidence continues to point to a single threat actor.
  • Investigations into the origin of this attack are ongoing.
  • Because this is an ongoing federal investigation, we cannot provide additional details about the attack.
  • To put themselves in the best cybersecurity posture, public and private organizations can follow these cybersecurity best practices:
    • Keep software patches and anti-virus tools up to date.
    • Create strong unique passwords that are changed regularly.
    • Enable multifactor authentication, especially for remote logins.
    • Modernize legacy systems and ensure software is as current as possible.
    • Limit the granting of administrative access.
    • Perform regular, automated backups and keep the backups segregated.

BACKGROUND

  • The Texas Department of Information Resources (DIR) is leading the response to a ransomware attack against entities across Texas.
  • On the morning of August 16, 2019, more than 20 entities in Texas reported a ransomware attack. The majority of these entities were smaller local governments.
  • Later that morning, the State Operations Center (SOC) was activated.
  • The following agencies are supporting this incident:
    • Texas Department of Information Resources
    • Texas Division of Emergency Management
    • Texas Military Department
    • The Texas A&M University System’s Security Operations Center/Critical Incident Response Team
      • Texas Department of Public Safety
      • Computer Information Technology and Electronic Crime (CITEC) Unit
      • Cybersecurity
    • Intelligence and Counter Terrorism
    • Texas Commission of Environmental Quality
    • Texas Public Utility Commission
    • Department of Homeland Security
    • Federal Bureau of Investigation – Cyber
    • Federal Emergency Management Agency
    • Other Federal cybersecurity partners

Source: Texas Department of Information Resources

Category: Government SectorMalwareOf NoteU.S.

Post navigation

← Ireland, Poland Offer Guidance on Data Breach Response Under GDPR
Aussie banks warn customers after fresh PayID data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.