IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Tyler Technologies' Internal Systems Hit by Ransomware

Responding to a flurry of online concern about the fact that the company makes software for posting election results, Tyler Technologies said that product isn’t hosted on the network that got hit.

Tyler Technologies, one of the largest gov tech companies in the world, discovered Wednesday that it has been hit by a ransomware attack that gave an intruder access to internal phone and IT systems and disrupted user access to some internal systems.

As of Thursday afternoon, the company’s website displayed a message explaining that the company realized early Wednesday morning that an unknown third party had “disrupted access to some of our internal systems.” The message said the company responded by shutting down points of access to external systems, recruiting outside IT security and forensics experts, notifying law enforcement and implementing enhanced monitoring systems.

“Based on the evidence available to date, all indications are that the impact of this incident is limited to our internal corporate network and phone systems, and that there has been no impact on software we host for our clients,” the message read. “Our hosted environment is separate and segregated from our internal corporate environment. We have activated enhanced monitoring to supplement the monitoring services we already had in place, and we have detected no unauthorized or malicious activity or compromises in client systems that Tyler hosts. Furthermore, we currently have no reason to believe that any client data or client servers have been affected.”

Tyler is headquartered in Plano, Texas, and makes a wide range of software for government, including for enterprise resource planning, courts and public safety, education, fleet management, permitting and land use. It also makes software that election officials use to share election results with the public.

The company's website said it found no outages in any of its online payment systems, and that its product for publishing election results is hosted offsite on Amazon Web Services, not on the internal network that was hit by ransomware. It added that while election officials can use Tyler’s platform to post aggregated election results, it’s not the system of record for any elections, nor does it store individual voting records.

The extent to which the intruder accessed private information is unclear, as Tyler specified only that they accessed internal phone and IT systems and “disrupted access.” Tyler has not specified which systems, or whether accessing internal IT systems allowed the intruder to copy data without altering it.

The computer help website BleepingComputer reported on Wednesday that it was a RansomExx ransomware attack, a rebranded version of the Defray777 ransomware that targeted the Texas Department of Transportation in May, the business technology company Konica Minolta in July, and the laser company IPG Photonics earlier this month.

This is an unfortunate development for Tyler after recent milestones, exceeding $1 billion in revenue in 2019 and landing on the S&P 500 list in June. According to the company’s website, it employs 5,500 people and is projecting $1.2 billion in revenue in 2020.

A spokesperson for Tyler referred inquiries to the company's website, where she said the company will continue posting updates.

Special Projects
Sponsored Articles
  • Sponsored
    Smart cities could transform urban living for the better. However, in order to mitigate the risks of cyber threats that can be exacerbated by inadequately secured and mobile edge computing (MEC) technologies, government officials should be aware of smart cities security concerns associated with their supporting infrastructure.
  • Sponsored
    How the convergence of security and networking is accelerating government agencies journey to the cloud.
  • Sponsored
    Microsoft Teams quickly became the business application of choice as state and local governments raced to equip remote teams and maintain business continuity during the COVID-19 lockdown. But in the rush to deploy Teams, many organizations overlook, ignore or fail to anticipate some of the administrative hurdles to successful adoption. As more organizations have matured their use of Teams, a set of lessons learned has emerged to help agencies ensure a successful Teams rollout – or correct course on existing implementations.
  • Sponsored
    Five Key Criteria for Selecting the Right Technology Solution for Communications and Notifications