SETTINGS

Reset High Contrast Text Only

-A A A+

Cybersecurity Notification Update

December 1, 2023

Dallas County is aware of an unauthorized party posting additional data claimed to be taken from our systems in connection with our recent cybersecurity incident. We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and potential impact.

We understand the concerns that such an incident may raise among our residents, employees, and partners. We want to assure everyone that we are taking this matter seriously. Our top priority is the security and privacy of all individuals associated with Dallas County.

Our investigation into the incident remains ongoing and we continue to work closely with law enforcement and our cybersecurity experts to address this situation. Once the investigation is complete and in the event that our review determines any personal information has been involved, we will notify the affected individuals directly.

We are committed to transparency and will provide updates as more information becomes available. All updates will be posted to this webpage. We encourage you to visit it frequently. Moreover, we encourage everyone to visit the Federal Trade Commission's website at https://consumer.ftc.gov/features/identity-theft. This resource provides valuable information on how to safeguard personal information.

We sincerely appreciate your understanding and patience as we navigate through this situation.

 
 

November 7, 2023

Dallas County is aware of an unauthorized party posting data claimed to be taken from our systems in connection with our recent cybersecurity incident. We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and potential impact.

We understand the concerns that such an incident may raise among our residents, employees, and partners. We want to assure everyone that we are taking this matter seriously. Our top priority is the security and privacy of all individuals associated with Dallas County.

Our investigation into the incident remains ongoing and we continue to work closely with law enforcement and our cybersecurity experts to address this situation. As the investigation progresses, when our review determines personal information has been involved, we will notify the affected individuals directly. 

We are committed to transparency and will provide updates as more information becomes available. All updates will be posted to this webpage. We encourage you to visit it frequently. Moreover, we encourage everyone to visit the Federal Trade Commission's website at https://consumer.ftc.gov/features/identity-theft. This resource provides valuable information on how to safeguard personal information. 

We sincerely appreciate your understanding and patience as we navigate through this situation.

 
 

October 31, 2023

Dear Residents and Partners,

Thank you for your inquiry. We value our relationship with you and your confidence in us.  We can share the updated information below about the recent cybersecurity incident impacting Dallas County.

Description of the Incident

As you are aware, on October 19, 2023, Dallas County became aware of a cybersecurity incident affecting a portion of our environment. Once we detected the incident, we retained external cybersecurity professionals to assist in our efforts to contain the threat, investigate the nature and scope of the attack, and enhance our security efforts to reduce the likelihood of recurrence of this type of attack.

Currently, our work with the cybersecurity firm is ongoing. While our goal is to be transparent and forthcoming with information relating to the incident, we do not want to make premature assumptions about the extent of impact or other details, which may evolve as the forensic investigation advances. Because transparency is important to us, however, we are sharing additional information relating to our containment efforts. The County will provide updates as soon as more information becomes available.

Containment and Additional Security Efforts

Due to our containment measures, Dallas County interrupted data exfiltration from its environment and effectively prevented any encryption of its files or systems. It appears the incident has been effectively contained, partly due to the measures we have implemented to bolster the security of our systems. These measures include: 

  1. Extensive deployment of an Endpoint Detection and Response (EDR) tool across servers and endpoints connected to our network.
  2. Forcing password changes for all users to grant access to our systems.
  3. Mandating multi-factor authentication for remote access to our network.
  4. Blocking ingress and egress traffic to IP addresses identified as malicious.

Currently, there is no evidence of ongoing threat actor activity in our environment. Given these measures and findings, it appears at this time that the incident has been successfully contained and that Dallas County's systems are secure for use.

Next Steps

We hope the information we can provide today answers questions you may have about the incident, and we appreciate your patience and understanding as we continue to work through this process. Our team and resources are focused on completing the investigation. We will keep you apprised of relevant developments as the investigation continues through this dedicated webpage. We encourage you to visit it frequently.  

Thank you for your continued partnership and support.