In the wake of a cyberattack on Tarrant County Appraisal District in March, the Medusa ransomware gang has claimed responsibility for the hack and has threatened the public with the threat of leaking 218 GB of the stolen data unless the ransom of $100,000 is paid within six days.
According to the Tarrant County Appraisal District, approximately 300 individuals' personal information was stolen in a recent update.
As of this original report, the county organization was still about four days away from publishing the alleged data stolen in the attack after the gang forewarned it to do so on April 6th. TAD appeared on the Medusa leak blog on April 6th. It is recommended to report any suspicious activity as soon as possible to the authorities, but affected individuals will be contacted to ensure that their personal information remains safe.
Even though the county has not yet responded to whether the ransom will be paid, it is understood that the attack has been reported to the FBI, and plans are underway to restore operations.
The Medusa gang recently attacked an Illinois county on the border with Iowa in addition to the Tarrant County incident.
A ransomware gang known as Medusa first appeared on the scene in late 2022 and has been consistently active ever since.
As recently as December 2017, Medusa became the target of three separate school districts within less than a week and compromised the personal information of thousands of students and teachers across three districts.
The threat actors also attacked Moneris, a Canadian fintech company that processes payments for Starbucks and IKEA. Medusa is regarded as operating under a ransomware-as-a-service model, whereby the company sells its trademark ransomware variant to other 'criminal affiliates' for a cut of the profits generated from sales of their ransomware variant.
TAD did not disclose how much data the ransomware group took or precisely what information had been compromised.
Medusa has now threatened to leak the supposed stolen information unless a $100,000 ransom is paid to them.
The gang has posted a sample cache of around 40 documents said to have been exfiltrated during the recent attack by the group.
According to Cybernews, the purported samples are a collection of financial documents, commercial and residential property databases, property owners' information, records of properties, judgments obtained by the courts, details about board members, tax information, records of employees, and the like.
The recent ransomware attack that hit the Tarrant County Appraisal District in Tarrant County, Texas, has highlighted the critical need for organizations to adopt a proactive approach to cyber defence and consider it a continuous process rather than reactive.
There is a history of international cyberattacks conducted by the Medusa cybercrime gang that is well known, he said.
There has been an increasing realization by the intelligence community that traditional, reactive measures are no longer effective when faced with adversaries like Medusa, which are using advanced tactics.
There are 73 jurisdictions in the county served by the Tax Assessment Division, which is the division of local property tax assessments.
It has been estimated that there are approximately 2.1 million inhabitants in Tarrant County, with the government offices situated in the city of Fort Worth, one of the largest cities in the state.
The government delegated that responsibility to city and county governments, so TAD has an extremely important role to play there.
A ransomware gang could be easily convinced to take advantage of the amount of sensitive personal information stored and processed within TAD's network if it were to think it had a chance to profit from those stolen files.
Tarrant Appraisal District was recently found to have suffered a breach of its data, which is not the first time this has happened.
This Cyber News was published on www.cysecurity.news. Publication date: Sun, 14 Apr 2024 14:13:04 +0000