Cybersecurity Notification Update

July 10, 2024

Dallas County, Texas (“the County”) is providing an update on a recent security incident that may impact the confidentiality of certain information maintained by the County.  We encourage you to read this notice carefully as it contains important information regarding the incident, our response, and steps you can take to help protect your personal information.

What Happened?

As the County previously shared with its residents and partners, on October 19, 2023, the County became aware of a cybersecurity incident affecting a portion of its environment.  Upon detection, the County promptly took steps to contain the incident and engaged third-party cybersecurity specialists to perform a comprehensive investigation, including to determine what data may be involved.

During the investigation, the County established a dedicated call center for individuals to call should they have any questions relating to the incident and to obtain complimentary credit monitoring services should they have any concerns. The call center continues to be operational as of the date of this notice and will remain open for ninety days.

The County recently completed its investigation and determined that certain information related to individuals may be involved.  The specific types of information impacted is detailed further below.

What Information Was Involved?

The County might hold information about individuals for several reasons: they could be a resident, an employee, or they might have received services from or interacted with one of our agencies (e.g., Department of Health and Human Services). Additionally, the County participates in data sharing agreements with other organizations to enhance the services we offer to our residents and the public.

While the information affected by this incident varies based on the individual and their association with the County, this incident primarily involved the following information: name; Social Security number (SSN); date of birth; driver’s license/state identification number; and taxpayer identification number. For some individuals, certain types of medical information (e.g., diagnosis or conditions information) and health insurance information may be involved.

To find out if your information was involved in this incident, we encourage you to call our dedicated call center. The phone number is 1 (888) 330-2852 and representatives are available Monday through Friday, 9 AM to 9 PM ET. Should it be determined that an individual's Social Security number or taxpayer identification number is involved, the call center will provide the individual with a code for two years of complimentary credit monitoring and identity theft protection services.

What Are We Doing?

Upon becoming aware of the incident, the County promptly initiated measures to secure its information. This included an extensive deployment of an Endpoint Detection and Response (EDR) tool across servers and endpoints connected to our network, forcing password changes for all users to grant access to our systems, and blocking ingress and egress traffic to IP addresses identified as malicious, among others. The County also engaged external cybersecurity experts to investigate the nature and scope of the incident and conduct a comprehensive investigation to determine what information was involved.

The County is additionally providing individuals, whose Social Security numbers or taxpayer identification numbers were involved, with two years of complimentary credit monitoring and identity theft protection services.

What Can Individuals Do?

The County encourages individuals to consider the following recommendations to protect their personal information:

1. Enroll in Complimentary Credit Monitoring and Identity Theft Protection Services. The County has coordinated with IDX to offer two years of complimentary credit monitoring and identity theft protection services to individuals whose Social Security number or Taxpayer Identification Number have been affected by this incident. Individuals are encouraged to contact the County’s dedicated call center to find out if their data was involved or if they have questions about this incident. The phone number is 1 (888) 330-2852 and representatives are available Monday through Friday, 9 AM to 9 PM ET.
2. Review Your Accounts for Suspicious Activity.  We encourage you to remain vigilant by regularly reviewing your accounts and monitoring credit reports for suspicious activity.  
3. Order A Credit Report.If you are a U.S. resident, you are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer reporting agencies. To order your free credit report, visit www.annualcreditreport.com or call toll-free at 1 (877) 322-8228. If you discover information on your credit report arising from a fraudulent transaction, you should request that the credit reporting agency delete that information from your credit report file. Contact information for the nationwide credit reporting agencies is provided in the next section.
4. Contact the Federal Trade Commission, Law Enforcement, and Credit Bureaus.  You may contact the Federal Trade Commission (“FTC”), your state’s Attorney General’s office, or law enforcement, to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft. To learn more, you can go to the FTC’s websites at www.identitytheft.gov and www.ftc.gov/idtheft; call the FTC at (877) IDTHEFT (438-4338); or write to: FTC Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.

You may contact the nationwide credit reporting agencies at:

5. Additional Rights Under the FCRA. You have rights pursuant to the Fair Credit Reporting Act, such as the right to be told if information in your credit file has been used against you, the right to know what is in your credit file, the right to ask for your credit score, and the right to dispute incomplete or inaccurate information. Further, pursuant to the Fair Credit Reporting Act, the consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative information; access to your file is limited; you must give your consent for credit reports to be provided to employers; you may limit “prescreened” offers of credit and insurance you get based on information in your credit report; and you may seek damages from violators. You may have additional rights under the Fair Credit Reporting Act not summarized here. 
   
   Identity theft victims and active-duty military personnel have specific additional rights pursuant to the Fair Credit Reporting Act. We encourage you to review your rights pursuant to the Fair Credit Reporting Act by: (i) visiting https://files.consumerfinance.gov/f/documents/bcfp_consumer-rights-summary_2018-09.pdf; or (ii) by writing to Consumer Financial Protection Bureau, 1700 G Street, N.W., Washington, DC 20552.
6. Request Fraud Alerts and Security Freezes. You may obtain additional information from the FTC and the credit reporting agencies about fraud alerts and security freezes. You can add a fraud alert to your credit report file to help protect your credit information. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you, but it also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide credit reporting agencies listed above. As soon as that agency processes your fraud alert, it will notify the other two agencies, which then must also place fraud alerts in your file.

To place a fraud alert, call any one of the three major credit bureaus at the numbers listed below. As soon as one credit bureau confirms your fraud alert, they will notify the others.

If you are very concerned about becoming a victim of fraud or identity theft, you may request a “Security Freeze” be placed on your credit file, at no charge. A security freeze prohibits, with certain specific exceptions, the consumer reporting agencies from releasing your credit report or any information from it without your express authorization. You may place a security freeze on your credit report by contacting all three nationwide credit reporting companies at the numbers below and following the stated directions or by sending a request in writing, by mail, to all three credit reporting companies:

In order to place the security freeze, you’ll need to supply your name, address, date of birth, Social Security number and other personal information. After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.

If your personal information has been used to file a false tax return, to open an account or to attempt to open an account in your name or to commit fraud or other crimes against you, you may file a police report in the City in which you currently reside.

If you do place a security freeze prior to enrolling in the credit monitoring service as described above, you will need to remove the freeze in order to sign up for the credit monitoring service. After you sign up for the credit monitoring service, you may refreeze your credit file.

7. For Iowa Residents. You may contact law enforcement or the Iowa Attorney General’s Office to report suspected incidents of identity Theft:  Office of the Attorney General of Iowa, Consumer Protection Division, Hoover State Office Building, 1305 East Walnut Street, Des Moines, IA 50319, www.iowaattorneygeneral.gov, Telephone: (515) 281-5164.
8. For Maryland Residents. You can obtain information about avoiding identity theft from the Maryland Attorney General at: Maryland Office of the Attorney General Consumer Protection Division, 200 St. Paul Place Baltimore, MD 21202, (888) 743-0023 (toll-free in Maryland), (410) 576-6300, www.marylandattorneygeneral.gov.
9. For New York Residents. You can obtain information about security breach response, identity theft prevention, and identity protection information from the New York State Office of the Attorney General at: Office of the Attorney General, The Capitol, Albany, NY 12224-0341, 1-800-771-7755 (toll-free), 1-800-788-9898 (TDD/TTY toll-free line), https://ag.ny.gov/, and at: Bureau of Internet and Technology (BIT), 28 Liberty Street, New York, NY 10005, Telephone: (212) 416-8433, https://ag.ny.gov/resources/individuals/consumer-issues/technology.
10. For North Carolina Residents. You can obtain information about avoiding identity theft from the North Carolina Attorney General at: North Carolina Attorney General’s Office 9001 Mail Service Center, Raleigh, NC 27699-9001, (877) 566-7226 (toll-free in North Carolina), (919) 716-6400, www.ncdoj.gov/.
11. For Residents of Oregon. You may report suspected identity theft to law enforcement, including the Office of the Oregon Attorney General and the FTC. Contact information for the FTC is included in your notice. The Office of the Oregon Attorney General can be reached: (1) by mail at 1162 Court St. NE, Salem, OR 97301; (2) by phone at (877) 877-9392; or (3) online at https://www.doj.state.or.us/.
12. For Rhode Island Resident. You can obtain information about avoiding identity theft from the Rhode Island Office of the Attorney General at: Rhode Island Office of the Attorney General, Consumer Protection Unit 150, South Main Street, Providence, RI 02903, (401) 274-4400, www.riag.ri.gov. You have the right to obtain a police report, and to request a security freeze (charges may apply), as described above. Information pertaining to approximately 4 Rhode Island residents was potentially involved in this incident.
13. For Washington, D.C. Residents. You can obtain information about avoiding identity theft from the Office of the Attorney General for the District of Columbia at: Office of the Attorney General for the District of Columbia, 400 6th Street NW, Washington, D.C. 20001, (202) 727-3400, www.oag.dc.gov.  You have the right to request a security freeze (without any charge) as described above.

Other Important Information.

The County established a dedicated call center for individuals to call with any questions or concerns relating to the incident.  The phone number is 1 (888) 330-2852 and representatives are available Monday through Friday, 9 AM to 9 PM ET. You may also write to the County at 500 Elm Street, 7th Floor, Suite 7600, Dallas, TX 75202 with any questions or concerns.

January 9, 2024

Dallas County is aware that an unauthorized party posted data claimed to be taken from our systems in connection with our recent cybersecurity incident. We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and identify any personal information contained within the posted files.

While this review process is ongoing and expected to take some time, the County has partnered with IDX to establish a dedicated call center for individuals to call should they have any initial questions relating to the incident and to obtain complimentary credit monitoring services should they have any concerns. The phone number is (800) 939-4170 and representatives are available between 8 am – 8pm Central Time, Monday through Friday.

What Can Individuals Do?

We understand the concerns that such an incident may raise among our residents, employees, and partners. We want to assure our community that we are taking this matter seriously. In addition to contacting the call center, the County encourages individuals to consider the following recommendations to protect their personal information: 

1. Review Your Accounts for Suspicious Activity. We encourage you to remain vigilant by regularly reviewing your accounts and monitoring credit reports for suspicious activity. 
2. Order a Credit Report. If you are a U.S. resident, you are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer reporting agencies. To order your free credit report, visit www.annualcreditreport.com or call toll-free at 1-877-322-8228. If you discover information on your credit report arising from a fraudulent transaction, you should request that the credit reporting agency delete that information from your credit report file. Contact information for the nationwide credit reporting agencies is provided in the next section.
3. Contact the Federal Trade Commission, Law Enforcement and Credit Bureaus. You may contact the Federal Trade Commission (“FTC”), your state’s Attorney General’s office, or law enforcement, to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft. To learn more, you can go to the FTC’s websites at www.identitytheft.gov and www.ftc.gov/idtheft; call the FTC at (877) IDTHEFT (438-4338); or write to:  FTC Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.

You may contact the nationwide credit reporting agencies at:

4. Additional Rights Under the FCRA. You have rights pursuant to the Fair Credit Reporting Act, such as the right to be told if information in your credit file has been used against you, the right to know what is in your credit file, the right to ask for your credit score, and the right to dispute incomplete or inaccurate information. Further, pursuant to the Fair Credit Reporting Act, the consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative information; access to your file is limited; you must give your consent for credit reports to be provided to employers; you may limit “prescreened” offers of credit and insurance you get based on information in your credit report; and you may seek damages from violators. You may have additional rights under the Fair Credit Reporting Act not summarized here.
   
   Identity theft victims and active-duty military personnel have specific additional rights pursuant to the Fair Credit Reporting Act. We encourage you to review your rights pursuant to the Fair Credit Reporting Act by:  (i) visiting https://files.consumerfinance.gov/f/documents/bcfp_consumer-rights-summary_2018-09.pdf; or (ii) by writing to Consumer Financial Protection Bureau, 1700 G Street, N.W., Washington, DC 20552.
5. Request Fraud Alerts and Security Freezes. You may obtain additional information from the FTC and the credit reporting agencies about fraud alerts and security freezes. You can add a fraud alert to your credit report file to help protect your credit information. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you, but it also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide credit reporting agencies listed above. As soon as that agency processes your fraud alert, it will notify the other two agencies, which then must also place fraud alerts in your file.

In addition, you can contact the nationwide credit reporting agencies at the following numbers to place a security freeze at no cost to you:

Placing a security freeze prohibits the agency from releasing any information about your credit report without your written authorization. Security freezes must be placed separately at each of the three nationwide credit reporting agencies. When requesting a security freeze, you may need to provide the following information: 

• • Your full name, with middle initial as well as Jr., Sr., II, etc.
  • Social Security number
  • Date of birth
  • Current address and all addresses for the past two years
  • Proof of current address, such as a current utility bill or telephone bill
  • Legible copy of a government-issued identification card, such as a state driver’s license, state identification card, or military identification.

After receiving your request, each agency will send you a confirmation letter containing a unique PIN or password that you will need to lift or remove the freeze. You should keep the PIN or password in a safe place.

For More Information

We are committed to transparency and will provide updates as more information becomes available. All updates will be posted to this webpage. We encourage you to visit it frequently.

We regret any concern or inconvenience this matter may have caused and appreciate your patience and understanding as we navigate through this situation.

December 1, 2023

Dallas County is aware of an unauthorized party posting additional data claimed to be taken from our systems in connection with our recent cybersecurity incident. We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and potential impact.

We understand the concerns that such an incident may raise among our residents, employees, and partners. We want to assure everyone that we are taking this matter seriously. Our top priority is the security and privacy of all individuals associated with Dallas County.

Our investigation into the incident remains ongoing and we continue to work closely with law enforcement and our cybersecurity experts to address this situation. Once the investigation is complete and in the event that our review determines any personal information has been involved, we will notify the affected individuals directly.

We are committed to transparency and will provide updates as more information becomes available. All updates will be posted to this webpage. We encourage you to visit it frequently. Moreover, we encourage everyone to visit the Federal Trade Commission's website at https://consumer.ftc.gov/features/identity-theft. This resource provides valuable information on how to safeguard personal information.

We sincerely appreciate your understanding and patience as we navigate through this situation.

November 7, 2023

Dallas County is aware of an unauthorized party posting data claimed to be taken from our systems in connection with our recent cybersecurity incident. We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and potential impact.

We understand the concerns that such an incident may raise among our residents, employees, and partners. We want to assure everyone that we are taking this matter seriously. Our top priority is the security and privacy of all individuals associated with Dallas County.

Our investigation into the incident remains ongoing and we continue to work closely with law enforcement and our cybersecurity experts to address this situation. As the investigation progresses, when our review determines personal information has been involved, we will notify the affected individuals directly. 

We are committed to transparency and will provide updates as more information becomes available. All updates will be posted to this webpage. We encourage you to visit it frequently. Moreover, we encourage everyone to visit the Federal Trade Commission's website at https://consumer.ftc.gov/features/identity-theft. This resource provides valuable information on how to safeguard personal information. 

We sincerely appreciate your understanding and patience as we navigate through this situation.

October 31, 2023

Dear Residents and Partners,

Thank you for your inquiry. We value our relationship with you and your confidence in us.  We can share the updated information below about the recent cybersecurity incident impacting Dallas County.

Description of the Incident

As you are aware, on October 19, 2023, Dallas County became aware of a cybersecurity incident affecting a portion of our environment. Once we detected the incident, we retained external cybersecurity professionals to assist in our efforts to contain the threat, investigate the nature and scope of the attack, and enhance our security efforts to reduce the likelihood of recurrence of this type of attack.

Currently, our work with the cybersecurity firm is ongoing. While our goal is to be transparent and forthcoming with information relating to the incident, we do not want to make premature assumptions about the extent of impact or other details, which may evolve as the forensic investigation advances. Because transparency is important to us, however, we are sharing additional information relating to our containment efforts. The County will provide updates as soon as more information becomes available.

Containment and Additional Security Efforts

Due to our containment measures, Dallas County interrupted data exfiltration from its environment and effectively prevented any encryption of its files or systems. It appears the incident has been effectively contained, partly due to the measures we have implemented to bolster the security of our systems. These measures include: 

1. Extensive deployment of an Endpoint Detection and Response (EDR) tool across servers and endpoints connected to our network.
2. Forcing password changes for all users to grant access to our systems.
3. Mandating multi-factor authentication for remote access to our network.
4. Blocking ingress and egress traffic to IP addresses identified as malicious.

Currently, there is no evidence of ongoing threat actor activity in our environment. Given these measures and findings, it appears at this time that the incident has been successfully contained and that Dallas County's systems are secure for use.

Next Steps

We hope the information we can provide today answers questions you may have about the incident, and we appreciate your patience and understanding as we continue to work through this process. Our team and resources are focused on completing the investigation. We will keep you apprised of relevant developments as the investigation continues through this dedicated webpage. We encourage you to visit it frequently.  

Thank you for your continued partnership and support.