The city of Fort Worth has been hacked, but officials say it doesn’t appear that any privately held information has been obtained.
Kevin Gunn, the city’s chief technology officer, said the Texas Department of Information Resources alerted Fort Worth to the issue. Most of the information obtained appears to be public and could be obtained through an open records request. He believes it includes internal employee documents, police reports, and other publicly accessible information. The hacktivist group SiegedSec first claimed responsibility on the platform Telegram. It comes months after the ransomware group known as Royal breached the city of Dallas’ servers, an attack that appears to be far more severe than what Fort Worth is navigating.
SiegedSec’s Telegram post suggests the hack is a political statement.
“We have decided to make a message towards the U.S government. Texas happens to be one of the largest states banning gender affirming care, and for that, we have made Texas our target. Fuck the government,” the group said on its Telegram post.
SeigedSec claims it obtained more than 500,000 files from the city. Gunn said the breach occurred on a website that is used by city employees to manage work orders and other requests and is not accessible by the public.
The hackers were able to access work orders and other documentation from the departments of transportation, public works, parks and recreation, and property management through a tool called View Works.
“I want to emphasize that through our investigations we have found no indication that there has been sensitive information related to either residents or businesses or employees that have been released as part of this incident,” he said.
“So an example of those documents might be pictures of potholes that needed repair—before and after the repair was done, sidewalk repairs, or other street repairs, as well as a sorted supporting documentation for those maintenance activities,” he said.
Gunn said it appears that the hackers used stolen login information for the View Works system to obtain access. In Dallas, the group Royal likely breached city systems through the use of malicious software, an act that crippled the city of Dallas’ systems for months.
“I think it’s important to note that it does not appear that the data was downloaded by accessing any of our servers, any of our databases, or any of our storage on our corporate network,” Gunn said. “It was access to that website. Additionally, there’s no indication at this time that any other systems were accessed.”
Gunn stressed that it does not appear that SeigedSec has encrypted any files, and the group hasn’t asked for a ransom. “So in that regard, it is not the same as other incidents you might have heard about in the media,” he said.
The city is working with local and federal law enforcement. It is still assessing the breach to determine whether other steps need to be taken, like providing credit monitoring to city employees.
SeigedSec, unlike the group responsible for the Dallas hack, does not seem to be motivated by money. Last year, after the Supreme Court overturned Roe v. Wade, the group leaked eight gigabytes of data from state governments in a campaign against pro-life entities. In February, it leaked data from the Australian software company Atlassian.
Dark web monitoring firm DarkOwl said last summer that the group had already accessed sensitive information, emails, and databases from at least 30 different companies. The hactivist group appears to have sprouted up in the past year.
“The group shows no preference for the industries nor locations of its victims,” DarkOwl reported. “They have successfully targeted companies across numerous diverse industry sectors around the globe including healthcare, information technology, insurance, legal, and finance. We’ve witnessed victims announced from India, Pakistan, Indonesia, South Africa, USA, Philippines, Costa Rica, Mexico, and others.”
The group seems unphased by the threat of law enforcement intervention. At the end of its Telegram post Friday, it said, “Now you may think, ‘SiegedSec! What if the F.B.I comes after you???’ And to that we say, ‘GOOD LUCK, WE’RE BEHIND 7 PROXIES!’”
Author
