Tyler Technologies hosting reports data breach impacting US government system data
Learn More
Tyler Technologies, a major data host for various organizations, reports a data breach affecting the Department of Insurance, Securities and Banking’s (DISB) STAR system client data in Washington D.C.
The breach was detected after Tyler Technologies observed unauthorized activity within an isolated segment of their private cloud hosting environment. The affected system was taken offline as the company initiated close communications with impacted entities and launched an investigation into the breach.
The investigation revealed that the breach was the result of actions by a threat actor who encrypted the system and exfiltrated the data - AKA ransomware. The Lockbit 3.0 gang has published a threat on April 13 to release hundreds of gigabytes of financial documents unless a ransom was paid by April 19.
When negotiations apparently fell through, the group threatened to release an initial one gigabyte of sensitive data, with further threats to release up to 800 gigabytes of documents from DISB, the Securities and Exchange Commission (SEC), and Delaware banking institutions if their demands were not met by April 23.
The data could include not only corporate financial data but also personal information of D.C. residents. This could encompass confidential business data, personal and business insurance details, tax documents, and personally identifiable information (PII) such as Social Security numbers, full names, email addresses, and more.
No details are available about the number of affected individuals, and no confirmation is available from the impacted organizations.
Update - The LockBit ransomware gang has leaked 1Gb of data they claim to have stolen from the District of Columbia’s Department of Insurance, Securities and Banking (DISB). Tyler confirmed the leak in a statement on 19th of April:
“We have confirmed evidence that the threat actor acquired information from the system. We are working with third-party cybersecurity forensic experts to identify the full impact. As of April 18, the threat actor published information they claim was acquired from the STAR system,”
