Nearly 3.5 billion people have experienced a breach of their personal information in just the top two of the 15 largest data breaches of this century alone. The smallest incident on this list affected the data integrity of just 134 million people. Needless to say, Texas has had its fair share of cyber attacks as well. The state is currently ranked in the third position for most number of data breaches across the country (till June 2020), trailing just behind New York and California with reported 819 reported data breaches since 2005, according to Comparitech.
It’s still too soon for Texans to forget about the largest coordinated ransomware attack that rocked 22 towns in the state in August 2019. Dubbed the ‘new front attack’ due to the sheer scale of sabotage, several local government departments in the towns practically came to a standstill during the attack, forcing the Governor Greg Abbott to declare a Level 2 Escalated Response.
What’s more disconcerting is the fact that according to cybersecurity experts as well as evidence gathered by the Texas Division of Emergency Management, Texas Military Department, the Department of Homeland Security, and the FBI the entire attack seemed to have been coordinated by a single threat actor.
The growing threat of cyber warfare on public systems
Just think about that for a second. That’s one individual holding government agencies in different towns to ransom for an extended period. Similar incidents have happened and only gathered steam before and after the Texas incident wherein a lot of public systems such as school network, government departments and hospital chains have come under the threat of a virtual attack.
To pay, or not to pay
Many chose to pay their way out of the trouble. Others chose to slowly and painstakingly (and manually, in the case of Baltimore) put affairs back in order in a process that sometimes ended up costing more than the original demand by the threat perpetrators. Many experts would still argue that not paying was still the smarter choice as payment ensures your place as a soft ‘mark’ in the deep web list of public system targets that have complied and paid. This, many experts fear, ensures that those systems will only get targeted again as they have shown vulnerability to attackers.
Being one of the top leaders in IT Support Houston, we, at PennComp tend to keep a tab on the most virulent cyber attacks that have afflicted our state and constantly try and learn from them as much as we can to prevent them from ever happening again.
Here’s our list of Top Cyber Attacks in Texas History!
Top Cyber Attacks in Texas History
1) 2008 – Texas Lottery Commission
You don’t always win the lottery when you do. In 2008, the winners of Texas Lottery along with vendors, lottery commission employees, retailers and more became victims of a security breach. A Texas Comptroller computer analyst copied the personal data of people participating in the lottery as well as vendors on computer disks with intention to exploit the information. The breach is estimated to have affected more than 100,000 people. The commission immediately notified affected people and took steps to prevent such breaches from happening again.
2) April 2011 – State’s Comptroller’s Office
The personal data of nearly 3.5 million people in Texas was accidentally released from the Texas Comptroller’s office on a publicly accessible website. The breach occurred during data transfers by the Teacher Retirement System of Texas in January 2010, the Texas Workforce Commission in April 2010 and the Employees Retirement System of Texas in May 2010. The protocol demanded that the data should be encrypted and a host of other regulations – none of which were followed. The state has since spent more than $1.8 million to mitigate damages from the year-long breach including letters sent to all affected, setting up helplines (call centers) and hiring consultants Deloitte Consulting and Gartner to confirm the extent of damages incurred.
3) April 2012 – Office of the Texas Attorney General
In an ironic turn of events, Texas Attorney General Greg Abbott erroneously exposed the full Social Security numbers of millions of Texas voters from the VR [voter registration] data base and produced to the Intervenors during the contention on the Voter Photo ID bill.
4) July 2016 – Omni Hotels and Resorts
On July 8, the luxury Dallas chain Omni Hotels & Resorts admitted of a data breach detected on May 30 which revealed that hackers used point-of-sale malware to siphon off payment data from its database for six months.
5) January 2020 – Iranian Hackers
A federal government website was hacked in January 2020 apparently as a response to Trump-ordered execution of Iranian Maj. Gen. Qassim Soleimani. Texas Department of Information Resources reported nearly 10,000 attempted attacks per minute from Iranian sources in the course of just two days resulting in a warning from Texas Attorney General Greg Abbott. Although, Amanda Crawford, executive director of the department, later downplayed the seriousness saying that the number was an average number of probes faced by the state departments on any given day.
6) August 2020 – Athens ISD (Independent School District)
The Athens Independent School District in East Texas were in for a shock before August school re-openings as they detected a massive attack on its entire computer network that encrypted the contents. Threat actors demanded $50,000 in ransom and access to everything from student/ teacher information, teacher communication to student assignments were blocked. With virtual classes planned for the opening weeks of school, the attack disrupted an already strained school IT workforce grappling with the new teaching and learning environment and anxious students and teachers.
Although the school board had decided to pay the ransom initially, the district was only liable for a deductible thanks to cyber insurance. The ransom was brought further down to $25,000 after negotiations with the criminals. But as a last-minute saving grace, the IT teams with the aid of state and federal cyber response teams were able to do a full data recovery from a backup system. The district ended up paying nothing and stopped communicating with the hackers. The perpetrators are yet to be identified.