“TAD is aware that the criminal group Medusa has illegally posted files they claimed to have obtained from the TAD network,” Chief Appraiser Joe Don Bobbitt said in a statement in response to questions from the Star-Telegram. “While TAD limits the collection of sensitive data in majority of circumstances, we worked closely with leading cybersecurity experts to carefully review the affected data, and all individuals.”
Bobbitt said the 300 individuals whose information has been compromised have been notified via mail.
Content on the dark web is not accessible by search engines and requires a special browser.
Documents published by Medusa, some of which have been reviewed by the Star-Telegram, show tax exception applications and employee files.
Some tax exemption forms require a driver’s license, Social Security or Federal Tax I.D. number. Homestead exemption forms ask for a copy of the owner’s driver’s license.
Bhavani Thuraisingham, a professor of computer science with a specialty in cybersecurity at UT Dallas, said Social Security numbers and driver’s licenses are the most damaging information that can be exposed online.
Medusa said it had obtained and published 217 gigabytes of data from the appraisal district.
Medusa set a ransom of $700,000. The appraisal district did not respond to a question about whether it negotiated with the group.
On April 8 Medusa’s blog listed the appraisal district’s ransom at $100,000, and displayed a timer counting down to a deadline.
“TAD’s IT team is continuing to work with cybersecurity experts to monitor the status of Medusa’s leak site, and additional updates will be provided if there are any further developments,” Bobbitt said closing his statement.
©2024 Fort Worth Star-Telegram, Distributed by Tribune Content Agency, LLC.