Fort Worth says the city’s IT operations are returning to normal after a hack into an internal computer system was discovered late last week.
The city said over the weekend someone accessed a municipal website that manages maintenance work orders. City leaders said they do not believe any other systems were compromised and there is no evidence that personal or sensitive data was released.
Still, personal information, cybersecurity and government investigations attorney Matthew Yarbrough said those who live within Fort Worth city limits should keep an eye on their personal information and ask questions.
“I would do it in writing and let them know that you want to know if your personal information was part of that data breach or cybersecurity incident,” Yarbrough said. “Whether it’s a city or a company or a government, they don’t really know how much or what happened to that data. You know, in the world of data, digital evidence is fungible. It can be easily changed and altered… A lot of times, they have no way of telling you one way or the other if your information has been leaked.”
On Monday, city officials said they had addressed the hackers’ access method and said there was no unauthorized access to the city’s computer systems.
In their original announcement on Telegram Messenger, the hackers claimed to have deleted 60 GB of files. However, in an email to NBC 5, the city’s IT department said, “The City did not lose any data during this event. The attacker claims to have stolen 500,000 files and then reviews the their statement to say there will be less.over 500,000 stolen files posted online because they accidentally deleted 60GB [of their copies of the stolen files].”
The City added that IT operations returned to normal around noon on Monday.
The cyberattack appeared to be politically motivated after the group claimed responsibility for the breach by posting online that because the state of Texas had banned gender-affirming care, they made the state a goal
There was no immediate word on why Fort Worth, specifically, was targeted. However, the city’s director of IT solutions, Kevin Gunn, clarified that the cyber attack is very different from what the City of Dallas is dealing with.
“Someone stole the credentials and accessed the website and downloaded images from that website,” Gunn said. “No file encryption is detected and no ransom has been demanded from the City of Fort Worth.”
The city said local and federal authorities are continuing their investigation into the breach.
