In an email sent Tuesday to city employees, Broadnax said information stored by the city’s human resources department was exposed and that officials would “be making the appropriate notifications in accordance with our obligations.”
Broadnax didn’t elaborate in the email on all the specific data that was accessed by the group Royal during the May 3 attack, how many departments were exposed, how many employees’ personal data could be at risk, or if any residents’ information was also accessed.
A copy of the email was obtained by The Dallas Morning News.
The city hadn’t issued any public notification as of Friday afternoon about any data being exposed during the ransomware attack.
“Our investigation remains ongoing, but at this time we’ve learned that some information maintained by the city of Dallas, including some benefits-related information maintained by the city’s human resources department, was accessed by the unauthorized third party responsible for this ransomware incident,” Broadnax said in the email.
The notice also said, “We understand the concern this incident may cause and please know we are working to provide the necessary resources and support for our employees.”
City officials didn’t immediately respond to requests for comment Friday. The city has around 13,400 employees.
Royal, the hacking group that city officials identified early in the cyber attack, threatened in a May 19 blog post to publicly share “tons of personal information of employees (phones, addresses, credit cards, SSNs, passports, etc.), detailed court cases, prisoners, medical information, clients’ information and thousands and thousands of governmental documents.”
It doesn’t appear that has happened as of Friday. City officials have maintained since May that they haven’t found any proof that information from workers or residents have been publicly released.
Broadnax’s email, which had a subject line of “Reminder of Mailed Notice Letter,” began with informing employees they should be receiving notices in the mail in the coming weeks on how to sign up for free credit monitoring being offered by the city.
The email also encourages workers to visit the Federal Trade Commission’s website to “learn more about how to protect your data” and directs them to the city’s internal site if they have questions.
City officials said earlier this month that 97% of its network has been restored after the ransomware attack. But some issues remain, such as at some city libraries public computers are still not available.
Dallas officials haven’t given the public a full picture of all the ways the city’s been impacted by the cyber attack, nor disclosed all the services that have been effected. It has led to some residents being blindsided with issues when seeking city aid.
For example, there was a backlog of 870 permit application requests for fences, roof replacements, foundation repairs and demolitions that hadn’t been processed as of June 30.
The delays were caused by problems with the city’s mapping software and staff being unable to access internal shared drives. That tally was down to a backlog of 52 applications as of July 14, according to the city.
Workers in Dallas’ development services department, which oversees permitting, have had to work overtime and weekends to process the delayed applications, city officials say.
Dallas officials have mainly cited an ongoing criminal investigation into the attack as reason for withholding specific information related to the incident. Several details on the ransomware attack still are not clear, such as the specifics of how it happened.
Melinda Urbina, spokeswoman for the FBI’s Dallas office, said Friday that the criminal investigation into the ransomware attack is ongoing.
©2023 The Dallas Morning News, Distributed by Tribune Content Agency, LLC.
