Hackers demand $700K in ransomware attack on Tarrant Appraisal District
FORT WORTH — New information is out about the recent ransomware attack on the Tarrant County Appraisal District.
TAD confirmed Monday it received a ransom letter from an unknown hacking group, demanding TAD pay them $700,000. TAD responded by holding an emergency meeting Monday to figure out the next steps and how to recover any stolen data.
"If they steal from an appraisal district, they're stealing from our taxpayers," says TAD Board Chairman, Vince Puente, Sr. "It just makes me very sad. But evil does exist and good exists as well. We have hope in that good."
TAD confirmed the attack was hit by the ransomware attack on its website on March 21. The attack comes after other computer security issues in the past few years.
TAD legal counsel. Lindsay Nickle, says the board thinks the attack is from the prominent hacking group, Medusa.
"Responding and recovering from a ransomware attack takes longer than anyone ever wants it to, but that is because we have to make sure that the right steps are taken," says Nickle.
Experts tell CBS News Texas that personal information could be at risk in these types of attacks, especially social security information. TAD says the hacking group claims it has accessed personal data, but TAD has not confirmed whether or not that data is truly compromised.
Tarrant County residents also spoke during a public comment portion of the meeting.
"This organization continues to burn. The taxpaying citizens are suffering and there's nothing that can be done," says Gerald Miller, a Fort Worth resident.
"I want to see ownership of the entire problem, and tell us the truth, as ugly as it may be," realtor Chandler Crouch said at the meeting.
Crouch says he represents nearly 37,000 homeowners in Tarrant County and thinks the new board needs to be more upfront with taxpayers.
"They didn't do enough to secure the system to make sure this kind of thing couldn't happen moving forward. So, we are definitely dealing with the sins of the past. They are haunting us today, unfortunately," Crouch adds.
After an executive session, the board approved the purchase of new Office 365 software to "replace the on-premise Exchange servers and improve security, auditing, and tooling."
The TAD board also approved the purchase of SentinelOne software as an added layer of preventative security, as well as hiring a cyber-consultant, Improving Enterprises, to perform security audits, including network support and system reviews. The board says the three items will cost about $200,000 and funds will have to be transferred from committed funds to the general fund.
TAD said, as of Monday, has not made a decision on whether or not to pay the $700,000 ransom.