Fort Worth

Fort Worth IT operations return to normal after a political attack on municipal systems detected

City says there's no evidence that any personal or sensitive data had been released

NBC Universal, Inc.

Fort Worth says city IT operations are returning to normal after a hack on an internal computer system was detected late last week.

The city said over the weekend someone gained access to a municipal website that handles maintenance work orders. City leaders said they do not believe any other systems were compromised and there's no evidence that any personal or sensitive data had been released.

Still, personal information, cybersecurity, and government investigations attorney, Matthew Yarbrough said those living within Fort Worth city limits should remain vigilant of their personal information and ask questions.

"I would do it in writing and let them know that you want to know if your personal information was a part of this data breach or cybersecurity incident," Yarbrough said. "Whether it's a city or a company, or government, they don't really know how much or what happened to that data. You know, in the data world, digital evidence is fungible. It's easily changed and altered…. Many times, they have no way of telling you one way or the other whether your information was released."

On Monday, city officials said they'd addressed the hackers' method of access and said there was no lingering unauthorized access to the city's computer systems.

In their original announcement on Telegram Messenger, the hackers claimed they deleted 60 GB worth of files. However, in an e-mail to NBC 5, the city IT department said, "The City did not lose any data in the course of this event. The attacker claims to steal 500k files and then revises their statement to say there will be less than 500k stolen files posted online because they accidentally deleted 60gb [of their copies of the stolen files]."

The city added that IT operations returned to normal at about noon Monday.

The cyberattack appeared to be politically motivated after the group taking responsibility for the breach posted online saying that because the state of Texas had banned gender-affirming care they made the state a target.

There was no immediate word on why Fort Worth, specifically, was targeted. However, the city's IT solutions director, Kevin Gunn, clarified the cyber-attack is much different than what the City of Dallas is dealing with.

"Someone has stolen credentials and accessed the website and downloaded images from that website," Gunn said. "There is no encryption of files being detected and no ransom has been demanded of the City of Fort Worth."

The city said local and federal authorities continue its investigation into the breach.

Contact Us