IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Data from Texas County Appraiser Attack Reaches Dark Web

The group behind the March 21 cyber attack has published information it obtained on the dark web, the Tarrant Appraisal District said. People whose information has been compromised have been notified by mail.

Under blue light, a person in a black hoodie works at multiple computer monitors
(TNS) — Medusa, the hacking group responsible for the ransomware attack on the Tarrant Appraisal District, has published data on the dark web it obtained from the attack, TAD said Tuesday.

“TAD is aware that the criminal group Medusa has illegally posted files they claimed to have obtained from the TAD network,” Chief Appraiser Joe Don Bobbitt said in a statement in response to questions from the Star-Telegram. “While TAD limits the collection of sensitive data in majority of circumstances, we worked closely with leading cybersecurity experts to carefully review the affected data, and all individuals.”

Bobbitt said the 300 individuals whose information has been compromised have been notified via mail.

Content on the dark web is not accessible by search engines and requires a special browser.

Documents published by Medusa, some of which have been reviewed by the Star-Telegram, show tax exception applications and employee files.

Some tax exemption forms require a driver’s license, Social Security or Federal Tax I.D. number. Homestead exemption forms ask for a copy of the owner’s driver’s license.

Bhavani Thuraisingham, a professor of computer science with a specialty in cybersecurity at UT Dallas, said Social Security numbers and driver’s licenses are the most damaging information that can be exposed online.

Medusa said it had obtained and published 217 gigabytes of data from the appraisal district.

Medusa set a ransom of $700,000. The appraisal district did not respond to a question about whether it negotiated with the group.

On April 8 Medusa’s blog listed the appraisal district’s ransom at $100,000, and displayed a timer counting down to a deadline.

“TAD’s IT team is continuing to work with cybersecurity experts to monitor the status of Medusa’s leak site, and additional updates will be provided if there are any further developments,” Bobbitt said closing his statement.

©2024 Fort Worth Star-Telegram, Distributed by Tribune Content Agency, LLC.